:root\"\n },\n \"Action\": \"kms:*\",\n \"Resource\": \"*\"\n }\n ]\n}",
- "description": "The key policy to attach to the KMS key.\n If you provide a key policy, it must meet the following criteria:\n + The key policy must allow the caller to make a subsequent [PutKeyPolicy](https://docs.aws.amazon.com/kms/latest/APIReference/API_PutKeyPolicy.html) request on the KMS key. This reduces the risk that the KMS key becomes unmanageable. For more information, see [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) in the *Developer Guide*. (To omit this condition, set ``BypassPolicyLockoutSafetyCheck`` to true.)\n + Each statement in the key policy must contain one or more principals. The principals in the key policy must exist and be visible to KMS. When you create a new AWS principal (for example, an IAM user or role), you might need to enforce a delay before including the new principal in a key policy because the new principal might not be immediately visible to KMS. For more information, see [Changes that I make are not always immediately visible](https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency) in the *User Guide*.\n \n If you do not provide a key policy, KMS attaches a default key policy to the KMS key. For more information, see [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default) in the *Developer Guide*.\n A key policy document can include only the following characters:\n + Printable ASCII characters\n + Printable characters in the Basic Latin and Latin-1 Supplement character set\n + The tab (``\\u0009``), line feed (``\\u000A``), and carriage return (``\\u000D``) special characters\n \n *Minimum*: ``1`` \n *Maximum*: ``32768``",
+ "description": "The key policy to attach to the KMS key.\n If you provide a key policy, it must meet the following criteria:\n + The key policy must allow the caller to make a subsequent [PutKeyPolicy](https://docs.aws.amazon.com/kms/latest/APIReference/API_PutKeyPolicy.html) request on the KMS key. This reduces the risk that the KMS key becomes unmanageable. For more information, see [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam) in the *Developer Guide*. (To omit this condition, set ``BypassPolicyLockoutSafetyCheck`` to true.)\n + Each statement in the key policy must contain one or more principals. The principals in the key policy must exist and be visible to KMS. When you create a new AWS principal (for example, an IAM user or role), you might need to enforce a delay before including the new principal in a key policy because the new principal might not be immediately visible to KMS. For more information, see [Changes that I make are not always immediately visible](https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency) in the *User Guide*.\n \n If you do not provide a key policy, KMS attaches a default key policy to the KMS key. For more information, see [Default key policy](https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default) in the *Developer Guide*.\n A key policy document can include only the following characters:\n + Printable ASCII characters\n + Printable characters in the Basic Latin and Latin-1 Supplement character set\n + The tab (``\\u0009``), line feed (``\\u000A``), and carriage return (``\\u000D``) special characters\n \n *Minimum*: ``1``\n *Maximum*: ``32768``",
"type": [
"object",
"string"
@@ -112,7 +112,7 @@
},
"KeySpec": {
"default": "SYMMETRIC_DEFAULT",
- "description": "Specifies the type of KMS key to create. The default value, ``SYMMETRIC_DEFAULT``, creates a KMS key with a 256-bit symmetric key for encryption and decryption. In China Regions, ``SYMMETRIC_DEFAULT`` creates a 128-bit symmetric key that uses SM4 encryption. You can't change the ``KeySpec`` value after the KMS key is created. For help choosing a key spec for your KMS key, see [Choosing a KMS key type](https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-choose.html) in the *Developer Guide*.\n The ``KeySpec`` property determines the type of key material in the KMS key and the algorithms that the KMS key supports. To further restrict the algorithms that can be used with the KMS key, use a condition key in its key policy or IAM policy. For more information, see [condition keys](https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms) in the *Developer Guide*.\n If you change the value of the ``KeySpec`` property on an existing KMS key, the update request fails, regardless of the value of the [UpdateReplacePolicy attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html). This prevents you from accidentally deleting a KMS key by changing an immutable property value.\n [services that are integrated with](https://docs.aws.amazon.com/kms/features/#AWS_Service_Integration) use symmetric encryption KMS keys to protect your data. These services do not support encryption with asymmetric KMS keys. For help determining whether a KMS key is asymmetric, see [Identifying asymmetric KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/find-symm-asymm.html) in the *Developer Guide*.\n KMS supports the following key specs for KMS keys:\n + Symmetric encryption key (default)\n + ``SYMMETRIC_DEFAULT`` (AES-256-GCM)\n \n + HMAC keys (symmetric)\n + ``HMAC_224`` \n + ``HMAC_256`` \n + ``HMAC_384`` \n + ``HMAC_512`` \n \n + Asymmetric RSA key pairs\n + ``RSA_2048`` \n + ``RSA_3072`` \n + ``RSA_4096`` \n \n + Asymmetric NIST-recommended elliptic curve key pairs\n + ``ECC_NIST_P256`` (secp256r1)\n + ``ECC_NIST_P384`` (secp384r1)\n + ``ECC_NIST_P521`` (secp521r1)\n \n + Other asymmetric elliptic curve key pairs\n + ``ECC_SECG_P256K1`` (secp256k1), commonly used for cryptocurrencies.\n \n + SM2 key pairs (China Regions only)\n + ``SM2``",
+ "description": "Specifies the type of KMS key to create. The default value, ``SYMMETRIC_DEFAULT``, creates a KMS key with a 256-bit symmetric key for encryption and decryption. In China Regions, ``SYMMETRIC_DEFAULT`` creates a 128-bit symmetric key that uses SM4 encryption. You can't change the ``KeySpec`` value after the KMS key is created. For help choosing a key spec for your KMS key, see [Choosing a KMS key type](https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-choose.html) in the *Developer Guide*.\n The ``KeySpec`` property determines the type of key material in the KMS key and the algorithms that the KMS key supports. To further restrict the algorithms that can be used with the KMS key, use a condition key in its key policy or IAM policy. For more information, see [condition keys](https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms) in the *Developer Guide*.\n If you change the value of the ``KeySpec`` property on an existing KMS key, the update request fails, regardless of the value of the [UpdateReplacePolicy attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html). This prevents you from accidentally deleting a KMS key by changing an immutable property value.\n [services that are integrated with](https://docs.aws.amazon.com/kms/features/#AWS_Service_Integration) use symmetric encryption KMS keys to protect your data. These services do not support encryption with asymmetric KMS keys. For help determining whether a KMS key is asymmetric, see [Identifying asymmetric KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/find-symm-asymm.html) in the *Developer Guide*.\n KMS supports the following key specs for KMS keys:\n + Symmetric encryption key (default)\n + ``SYMMETRIC_DEFAULT`` (AES-256-GCM)\n \n + HMAC keys (symmetric)\n + ``HMAC_224`` \n + ``HMAC_256`` \n + ``HMAC_384`` \n + ``HMAC_512`` \n \n + Asymmetric RSA key pairs (encryption and decryption *or* signing and verification)\n + ``RSA_2048`` \n + ``RSA_3072`` \n + ``RSA_4096`` \n \n + Asymmetric NIST-recommended elliptic curve key pairs (signing and verification *or* deriving shared secrets)\n + ``ECC_NIST_P256`` (secp256r1)\n + ``ECC_NIST_P384`` (secp384r1)\n + ``ECC_NIST_P521`` (secp521r1)\n \n + Other asymmetric elliptic curve key pairs (signing and verification)\n + ``ECC_SECG_P256K1`` (secp256k1), commonly used for cryptocurrencies.\n \n + SM2 key pairs (encryption and decryption *or* signing and verification *or* deriving shared secrets)\n + ``SM2`` (China Regions only)",
"enum": [
"SYMMETRIC_DEFAULT",
"RSA_2048",
@@ -132,7 +132,7 @@
},
"KeyUsage": {
"default": "ENCRYPT_DECRYPT",
- "description": "Determines the [cryptographic operations](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations) for which you can use the KMS key. The default value is ``ENCRYPT_DECRYPT``. This property is required for asymmetric KMS keys and HMAC KMS keys. You can't change the ``KeyUsage`` value after the KMS key is created.\n If you change the value of the ``KeyUsage`` property on an existing KMS key, the update request fails, regardless of the value of the [UpdateReplacePolicy attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html). This prevents you from accidentally deleting a KMS key by changing an immutable property value.\n Select only one valid value.\n + For symmetric encryption KMS keys, omit the property or specify ``ENCRYPT_DECRYPT``.\n + For asymmetric KMS keys with RSA key material, specify ``ENCRYPT_DECRYPT`` or ``SIGN_VERIFY``.\n + For asymmetric KMS keys with ECC key material, specify ``SIGN_VERIFY``.\n + For asymmetric KMS keys with SM2 (China Regions only) key material, specify ``ENCRYPT_DECRYPT`` or ``SIGN_VERIFY``.\n + For HMAC KMS keys, specify ``GENERATE_VERIFY_MAC``.",
+ "description": "Determines the [cryptographic operations](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations) for which you can use the KMS key. The default value is ``ENCRYPT_DECRYPT``. This property is required for asymmetric KMS keys and HMAC KMS keys. You can't change the ``KeyUsage`` value after the KMS key is created.\n If you change the value of the ``KeyUsage`` property on an existing KMS key, the update request fails, regardless of the value of the [UpdateReplacePolicy attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html). This prevents you from accidentally deleting a KMS key by changing an immutable property value.\n Select only one valid value.\n + For symmetric encryption KMS keys, omit the parameter or specify ``ENCRYPT_DECRYPT``.\n + For HMAC KMS keys (symmetric), specify ``GENERATE_VERIFY_MAC``.\n + For asymmetric KMS keys with RSA key pairs, specify ``ENCRYPT_DECRYPT`` or ``SIGN_VERIFY``.\n + For asymmetric KMS keys with NIST-recommended elliptic curve key pairs, specify ``SIGN_VERIFY`` or ``KEY_AGREEMENT``.\n + For asymmetric KMS keys with ``ECC_SECG_P256K1`` key pairs specify ``SIGN_VERIFY``.\n + For asymmetric KMS keys with SM2 key pairs (China Regions only), specify ``ENCRYPT_DECRYPT``, ``SIGN_VERIFY``, or ``KEY_AGREEMENT``.",
"enum": [
"ENCRYPT_DECRYPT",
"SIGN_VERIFY",
@@ -143,12 +143,12 @@
},
"MultiRegion": {
"default": false,
- "description": "Creates a multi-Region primary key that you can replicate in other AWS-Regions. You can't change the ``MultiRegion`` value after the KMS key is created.\n For a list of AWS-Regions in which multi-Region keys are supported, see [Multi-Region keys in](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the **.\n If you change the value of the ``MultiRegion`` property on an existing KMS key, the update request fails, regardless of the value of the [UpdateReplacePolicy attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html). This prevents you from accidentally deleting a KMS key by changing an immutable property value.\n For a multi-Region key, set to this property to ``true``. For a single-Region key, omit this property or set it to ``false``. The default value is ``false``.\n *Multi-Region keys* are an KMS feature that lets you create multiple interoperable KMS keys in different AWS-Regions. Because these KMS keys have the same key ID, key material, and other metadata, you can use them to encrypt data in one AWS-Region and decrypt it in a different AWS-Region without making a cross-Region call or exposing the plaintext data. For more information, see [Multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the *Developer Guide*.\n You can create a symmetric encryption, HMAC, or asymmetric multi-Region KMS key, and you can create a multi-Region key with imported key material. However, you cannot create a multi-Region key in a custom key store.\n To create a replica of this primary key in a different AWS-Region , create an [AWS::KMS::ReplicaKey](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kms-replicakey.html) resource in a CloudFormation stack in the replica Region. Specify the key ARN of this primary key.",
+ "description": "Creates a multi-Region primary key that you can replicate in other AWS-Regions. You can't change the ``MultiRegion`` value after the KMS key is created.\n For a list of AWS-Regions in which multi-Region keys are supported, see [Multi-Region keys in](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the **.\n If you change the value of the ``MultiRegion`` property on an existing KMS key, the update request fails, regardless of the value of the [UpdateReplacePolicy attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html). This prevents you from accidentally deleting a KMS key by changing an immutable property value.\n For a multi-Region key, set to this property to ``true``. For a single-Region key, omit this property or set it to ``false``. The default value is ``false``.\n *Multi-Region keys* are an KMS feature that lets you create multiple interoperable KMS keys in different AWS-Regions. Because these KMS keys have the same key ID, key material, and other metadata, you can use them to encrypt data in one AWS-Region and decrypt it in a different AWS-Region without making a cross-Region call or exposing the plaintext data. For more information, see [Multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) in the *Developer Guide*.\n You can create a symmetric encryption, HMAC, or asymmetric multi-Region KMS key, and you can create a multi-Region key with imported key material. However, you cannot create a multi-Region key in a custom key store.\n To create a replica of this primary key in a different AWS-Region , create an [AWS::KMS::ReplicaKey](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-kms-replicakey.html) resource in a CloudFormation stack in the replica Region. Specify the key ARN of this primary key.",
"type": "boolean"
},
"Origin": {
"default": "AWS_KMS",
- "description": "The source of the key material for the KMS key. You cannot change the origin after you create the KMS key. The default is ``AWS_KMS``, which means that KMS creates the key material.\n To [create a KMS key with no key material](https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys-create-cmk.html) (for imported key material), set this value to ``EXTERNAL``. For more information about importing key material into KMS, see [Importing Key Material](https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html) in the *Developer Guide*.\n You can ignore ``ENABLED`` when Origin is ``EXTERNAL``. When a KMS key with Origin ``EXTERNAL`` is created, the key state is ``PENDING_IMPORT`` and ``ENABLED`` is ``false``. After you import the key material, ``ENABLED`` updated to ``true``. The KMS key can then be used for Cryptographic Operations. \n CFN doesn't support creating an ``Origin`` parameter of the ``AWS_CLOUDHSM`` or ``EXTERNAL_KEY_STORE`` values.",
+ "description": "The source of the key material for the KMS key. You cannot change the origin after you create the KMS key. The default is ``AWS_KMS``, which means that KMS creates the key material.\n To [create a KMS key with no key material](https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys-create-cmk.html) (for imported key material), set this value to ``EXTERNAL``. For more information about importing key material into KMS, see [Importing Key Material](https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html) in the *Developer Guide*.\n You can ignore ``ENABLED`` when Origin is ``EXTERNAL``. When a KMS key with Origin ``EXTERNAL`` is created, the key state is ``PENDING_IMPORT`` and ``ENABLED`` is ``false``. After you import the key material, ``ENABLED`` updated to ``true``. The KMS key can then be used for Cryptographic Operations. \n CFN doesn't support creating an ``Origin`` parameter of the ``AWS_CLOUDHSM`` or ``EXTERNAL_KEY_STORE`` values.",
"enum": [
"AWS_KMS",
"EXTERNAL"
@@ -156,7 +156,7 @@
"type": "string"
},
"PendingWindowInDays": {
- "description": "Specifies the number of days in the waiting period before KMS deletes a KMS key that has been removed from a CloudFormation stack. Enter a value between 7 and 30 days. The default value is 30 days.\n When you remove a KMS key from a CloudFormation stack, KMS schedules the KMS key for deletion and starts the mandatory waiting period. The ``PendingWindowInDays`` property determines the length of waiting period. During the waiting period, the key state of KMS key is ``Pending Deletion`` or ``Pending Replica Deletion``, which prevents the KMS key from being used in cryptographic operations. When the waiting period expires, KMS permanently deletes the KMS key.\n KMS will not delete a [multi-Region primary key](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) that has replica keys. If you remove a multi-Region primary key from a CloudFormation stack, its key state changes to ``PendingReplicaDeletion`` so it cannot be replicated or used in cryptographic operations. This state can persist indefinitely. When the last of its replica keys is deleted, the key state of the primary key changes to ``PendingDeletion`` and the waiting period specified by ``PendingWindowInDays`` begins. When this waiting period expires, KMS deletes the primary key. For details, see [Deleting multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-delete.html) in the *Developer Guide*.\n You cannot use a CloudFormation template to cancel deletion of the KMS key after you remove it from the stack, regardless of the waiting period. If you specify a KMS key in your template, even one with the same name, CloudFormation creates a new KMS key. To cancel deletion of a KMS key, use the KMS console or the [CancelKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_CancelKeyDeletion.html) operation.\n For information about the ``Pending Deletion`` and ``Pending Replica Deletion`` key states, see [Key state: Effect on your KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the *Developer Guide*. For more information about deleting KMS keys, see the [ScheduleKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html) operation in the *API Reference* and [Deleting KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/deleting-keys.html) in the *Developer Guide*.",
+ "description": "Specifies the number of days in the waiting period before KMS deletes a KMS key that has been removed from a CloudFormation stack. Enter a value between 7 and 30 days. The default value is 30 days.\n When you remove a KMS key from a CloudFormation stack, KMS schedules the KMS key for deletion and starts the mandatory waiting period. The ``PendingWindowInDays`` property determines the length of waiting period. During the waiting period, the key state of KMS key is ``Pending Deletion`` or ``Pending Replica Deletion``, which prevents the KMS key from being used in cryptographic operations. When the waiting period expires, KMS permanently deletes the KMS key.\n KMS will not delete a [multi-Region primary key](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html) that has replica keys. If you remove a multi-Region primary key from a CloudFormation stack, its key state changes to ``PendingReplicaDeletion`` so it cannot be replicated or used in cryptographic operations. This state can persist indefinitely. When the last of its replica keys is deleted, the key state of the primary key changes to ``PendingDeletion`` and the waiting period specified by ``PendingWindowInDays`` begins. When this waiting period expires, KMS deletes the primary key. For details, see [Deleting multi-Region keys](https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-delete.html) in the *Developer Guide*.\n You cannot use a CloudFormation template to cancel deletion of the KMS key after you remove it from the stack, regardless of the waiting period. If you specify a KMS key in your template, even one with the same name, CloudFormation creates a new KMS key. To cancel deletion of a KMS key, use the KMS console or the [CancelKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_CancelKeyDeletion.html) operation.\n For information about the ``Pending Deletion`` and ``Pending Replica Deletion`` key states, see [Key state: Effect on your KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html) in the *Developer Guide*. For more information about deleting KMS keys, see the [ScheduleKeyDeletion](https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html) operation in the *API Reference* and [Deleting KMS keys](https://docs.aws.amazon.com/kms/latest/developerguide/deleting-keys.html) in the *Developer Guide*.",
"maximum": 30,
"minimum": 7,
"type": "integer"
@@ -185,6 +185,11 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-kms",
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "kms:TagResource",
+ "kms:UntagResource",
+ "kms:ListResourceTags"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-kms-replicakey.json b/schema/aws-kms-replicakey.json
index 1c6a47b..59bfbd6 100644
--- a/schema/aws-kms-replicakey.json
+++ b/schema/aws-kms-replicakey.json
@@ -130,7 +130,13 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-kms",
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "kms:TagResource",
+ "kms:UntagResource",
+ "kms:ListResourceTags"
+ ],
"tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
"tagUpdatable": true,
"taggable": true
},
diff --git a/schema/aws-lakeformation-principalpermissions.json b/schema/aws-lakeformation-principalpermissions.json
index 7cea2b4..30a4cc1 100644
--- a/schema/aws-lakeformation-principalpermissions.json
+++ b/schema/aws-lakeformation-principalpermissions.json
@@ -264,8 +264,9 @@
"CREATE_DATABASE",
"CREATE_TABLE",
"DATA_LOCATION_ACCESS",
- "CREATE_TAG",
- "ASSOCIATE"
+ "CREATE_LF_TAG",
+ "ASSOCIATE",
+ "GRANT_WITH_LF_TAG_EXPRESSION"
],
"type": "string"
},
diff --git a/schema/aws-lakeformation-tag.json b/schema/aws-lakeformation-tag.json
index 4a45cd1..d8133d3 100644
--- a/schema/aws-lakeformation-tag.json
+++ b/schema/aws-lakeformation-tag.json
@@ -27,7 +27,7 @@
"items": {
"$ref": "#/definitions/LFTagValue"
},
- "maxItems": 50,
+ "maxItems": 1000,
"minItems": 1,
"type": "array"
}
diff --git a/schema/aws-lambda-codesigningconfig.json b/schema/aws-lambda-codesigningconfig.json
index fce9c2d..db9ae0e 100644
--- a/schema/aws-lambda-codesigningconfig.json
+++ b/schema/aws-lambda-codesigningconfig.json
@@ -41,13 +41,35 @@
"UntrustedArtifactOnDeployment"
],
"type": "object"
+ },
+ "Tag": {
+ "additionalProperties": false,
+ "properties": {
+ "Key": {
+ "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.",
+ "maxLength": 128,
+ "minLength": 1,
+ "type": "string"
+ },
+ "Value": {
+ "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.",
+ "maxLength": 256,
+ "minLength": 0,
+ "type": "string"
+ }
+ },
+ "required": [
+ "Key"
+ ],
+ "type": "object"
}
},
"description": "Resource Type definition for AWS::Lambda::CodeSigningConfig.",
"handlers": {
"create": {
"permissions": [
- "lambda:CreateCodeSigningConfig"
+ "lambda:CreateCodeSigningConfig",
+ "lambda:TagResource"
]
},
"delete": {
@@ -62,12 +84,16 @@
},
"read": {
"permissions": [
- "lambda:GetCodeSigningConfig"
+ "lambda:GetCodeSigningConfig",
+ "lambda:ListTags"
]
},
"update": {
"permissions": [
- "lambda:UpdateCodeSigningConfig"
+ "lambda:UpdateCodeSigningConfig",
+ "lambda:ListTags",
+ "lambda:TagResource",
+ "lambda:UntagResource"
]
}
},
@@ -98,6 +124,15 @@
"maxLength": 256,
"minLength": 0,
"type": "string"
+ },
+ "Tags": {
+ "description": "A list of tags to apply to CodeSigningConfig resource",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/Tag"
+ },
+ "type": "array",
+ "uniqueItems": true
}
},
"readOnlyProperties": [
@@ -107,5 +142,17 @@
"required": [
"AllowedPublishers"
],
+ "tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "lambda:ListTags",
+ "lambda:TagResource",
+ "lambda:UntagResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
"typeName": "AWS::Lambda::CodeSigningConfig"
}
diff --git a/schema/aws-lambda-eventinvokeconfig.json b/schema/aws-lambda-eventinvokeconfig.json
index 62496fe..9f1b945 100644
--- a/schema/aws-lambda-eventinvokeconfig.json
+++ b/schema/aws-lambda-eventinvokeconfig.json
@@ -26,7 +26,7 @@
"description": "The Amazon Resource Name (ARN) of the destination resource.",
"maxLength": 350,
"minLength": 0,
- "pattern": "^$|arn:(aws[a-zA-Z0-9-]*):([a-zA-Z0-9\\-])+:([a-z]{2}(-gov)?-[a-z]+-\\d{1})?:(\\d{12})?:(.*)",
+ "pattern": "^$|arn:(aws[a-zA-Z0-9-]*):([a-zA-Z0-9\\-])+:([a-z]{2}(-gov)?(-iso([a-z])?)?-[a-z]+-\\d{1})?:(\\d{12})?:(.*)",
"type": "string"
}
},
@@ -43,7 +43,7 @@
"description": "The Amazon Resource Name (ARN) of the destination resource.",
"maxLength": 350,
"minLength": 0,
- "pattern": "^$|arn:(aws[a-zA-Z0-9-]*):([a-zA-Z0-9\\-])+:([a-z]{2}(-gov)?-[a-z]+-\\d{1})?:(\\d{12})?:(.*)",
+ "pattern": "^$|arn:(aws[a-zA-Z0-9-]*):([a-zA-Z0-9\\-])+:([a-z]{2}(-gov)?(-iso([a-z])?)?-[a-z]+-\\d{1})?:(\\d{12})?:(.*)",
"type": "string"
}
},
@@ -101,7 +101,7 @@
},
"FunctionName": {
"description": "The name of the Lambda function.",
- "pattern": "^(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}(-gov)?-[a-z]+-\\d{1}:)?(\\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\\$LATEST|[a-zA-Z0-9-_]+))?$",
+ "pattern": "^(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}(-gov)?(-iso([a-z])?)?-[a-z]+-\\d{1}:)?(\\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\\$LATEST|[a-zA-Z0-9-_]+))?$",
"type": "string"
},
"MaximumEventAgeInSeconds": {
diff --git a/schema/aws-lambda-eventsourcemapping.json b/schema/aws-lambda-eventsourcemapping.json
index 3c7e6ad..3683cf9 100644
--- a/schema/aws-lambda-eventsourcemapping.json
+++ b/schema/aws-lambda-eventsourcemapping.json
@@ -123,12 +123,32 @@
"minimum": 2,
"type": "integer"
},
+ "MetricsConfig": {
+ "additionalProperties": false,
+ "description": "The metrics configuration for your event source. Use this configuration object to define which metrics you want your event source mapping to produce.",
+ "properties": {
+ "Metrics": {
+ "description": "The metrics you want your event source mapping to produce. Include ``EventCount`` to receive event source mapping metrics related to the number of events processed by your event source mapping. For more information about these metrics, see [Event source mapping metrics](https://docs.aws.amazon.com/lambda/latest/dg/monitoring-metrics-types.html#event-source-mapping-metrics).",
+ "items": {
+ "enum": [
+ "EventCount"
+ ],
+ "type": "string"
+ },
+ "maxItems": 1,
+ "minItems": 0,
+ "type": "array",
+ "uniqueItems": true
+ }
+ },
+ "type": "object"
+ },
"OnFailure": {
"additionalProperties": false,
"description": "A destination for events that failed processing.",
"properties": {
"Destination": {
- "description": "The Amazon Resource Name (ARN) of the destination resource.\n To retain records of [asynchronous invocations](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-async-destinations), you can configure an Amazon SNS topic, Amazon SQS queue, Lambda function, or Amazon EventBridge event bus as the destination.\n To retain records of failed invocations from [Kinesis and DynamoDB event sources](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventsourcemapping.html#event-source-mapping-destinations), you can configure an Amazon SNS topic or Amazon SQS queue as the destination.\n To retain records of failed invocations from [self-managed Kafka](https://docs.aws.amazon.com/lambda/latest/dg/with-kafka.html#services-smaa-onfailure-destination) or [Amazon MSK](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#services-msk-onfailure-destination), you can configure an Amazon SNS topic, Amazon SQS queue, or Amazon S3 bucket as the destination.",
+ "description": "The Amazon Resource Name (ARN) of the destination resource.\n To retain records of unsuccessful [asynchronous invocations](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-async-destinations), you can configure an Amazon SNS topic, Amazon SQS queue, Amazon S3 bucket, Lambda function, or Amazon EventBridge event bus as the destination.\n To retain records of failed invocations from [Kinesis](https://docs.aws.amazon.com/lambda/latest/dg/with-kinesis.html), [DynamoDB](https://docs.aws.amazon.com/lambda/latest/dg/with-ddb.html), [self-managed Kafka](https://docs.aws.amazon.com/lambda/latest/dg/with-kafka.html#services-smaa-onfailure-destination) or [Amazon MSK](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#services-msk-onfailure-destination), you can configure an Amazon SNS topic, Amazon SQS queue, or Amazon S3 bucket as the destination.",
"maxLength": 1024,
"minLength": 12,
"pattern": "arn:(aws[a-zA-Z0-9-]*):([a-zA-Z0-9\\-])+:([a-z]{2}(-gov)?(-iso([a-z])?)?-[a-z]+-\\d{1})?:(\\d{12})?:(.*)",
@@ -137,6 +157,25 @@
},
"type": "object"
},
+ "ProvisionedPollerConfig": {
+ "additionalProperties": false,
+ "description": "The [provisioned mode](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventsourcemapping.html#invocation-eventsourcemapping-provisioned-mode) configuration for the event source. Use provisioned mode to customize the minimum and maximum number of event pollers for your event source.",
+ "properties": {
+ "MaximumPollers": {
+ "description": "The maximum number of event pollers this event source can scale up to.",
+ "maximum": 2000,
+ "minimum": 1,
+ "type": "integer"
+ },
+ "MinimumPollers": {
+ "description": "The minimum number of event pollers this event source can scale down to.",
+ "maximum": 200,
+ "minimum": 1,
+ "type": "integer"
+ }
+ },
+ "type": "object"
+ },
"ScalingConfig": {
"additionalProperties": false,
"description": "(Amazon SQS only) The scaling configuration for the event source. To remove the configuration, pass an empty value.",
@@ -197,6 +236,28 @@
}
},
"type": "object"
+ },
+ "Tag": {
+ "additionalProperties": false,
+ "description": "A [tag](https://docs.aws.amazon.com/lambda/latest/dg/tagging.html) to apply to the event source mapping.",
+ "properties": {
+ "Key": {
+ "description": "The key for this tag.",
+ "maxLength": 128,
+ "minLength": 1,
+ "type": "string"
+ },
+ "Value": {
+ "description": "The value for this tag.",
+ "maxLength": 256,
+ "minLength": 0,
+ "type": "string"
+ }
+ },
+ "required": [
+ "Key"
+ ],
+ "type": "object"
}
},
"description": "The ``AWS::Lambda::EventSourceMapping`` resource creates a mapping between an event source and an LAMlong function. LAM reads items from the event source and triggers the function.\n For details about each event source type, see the following topics. In particular, each of the topics describes the required and optional parameters for the specific event source. \n + [Configuring a Dynamo DB stream as an event source](https://docs.aws.amazon.com/lambda/latest/dg/with-ddb.html#services-dynamodb-eventsourcemapping) \n + [Configuring a Kinesis stream as an event source](https://docs.aws.amazon.com/lambda/latest/dg/with-kinesis.html#services-kinesis-eventsourcemapping) \n + [Configuring an SQS queue as an event source](https://docs.aws.amazon.com/lambda/latest/dg/with-sqs.html#events-sqs-eventsource) \n + [Configuring an MQ broker as an event source](https://docs.aws.amazon.com/lambda/latest/dg/with-mq.html#services-mq-eventsourcemapping) \n + [Configuring MSK as an event source](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html) \n + [Configuring Self-Managed Apache Kafka as an event source](https://docs.aws.amazon.com/lambda/latest/dg/kafka-smaa.html) \n + [Configuring Amazon DocumentDB as an event source](https://docs.aws.amazon.com/lambda/latest/dg/with-documentdb.html)",
@@ -204,13 +265,18 @@
"create": {
"permissions": [
"lambda:CreateEventSourceMapping",
- "lambda:GetEventSourceMapping"
+ "lambda:GetEventSourceMapping",
+ "lambda:TagResource",
+ "kms:DescribeKey",
+ "kms:GenerateDataKey",
+ "kms:Decrypt"
]
},
"delete": {
"permissions": [
"lambda:DeleteEventSourceMapping",
- "lambda:GetEventSourceMapping"
+ "lambda:GetEventSourceMapping",
+ "kms:Decrypt"
]
},
"list": {
@@ -220,13 +286,20 @@
},
"read": {
"permissions": [
- "lambda:GetEventSourceMapping"
+ "lambda:GetEventSourceMapping",
+ "lambda:ListTags",
+ "kms:Decrypt"
]
},
"update": {
"permissions": [
"lambda:UpdateEventSourceMapping",
- "lambda:GetEventSourceMapping"
+ "lambda:GetEventSourceMapping",
+ "lambda:TagResource",
+ "lambda:UntagResource",
+ "kms:DescribeKey",
+ "kms:GenerateDataKey",
+ "kms:Decrypt"
]
}
},
@@ -245,7 +318,7 @@
"type": "integer"
},
"BisectBatchOnFunctionError": {
- "description": "(Kinesis and DynamoDB Streams only) If the function returns an error, split the batch in two and retry. The default value is false.",
+ "description": "(Kinesis and DynamoDB Streams only) If the function returns an error, split the batch in two and retry. The default value is false.\n When using ``BisectBatchOnFunctionError``, check the ``BatchSize`` parameter in the ``OnFailure`` destination message's metadata. The ``BatchSize`` could be greater than 1 since LAM consolidates failed messages metadata when writing to the ``OnFailure`` destination.",
"type": "boolean"
},
"DestinationConfig": {
@@ -267,6 +340,13 @@
"pattern": "arn:(aws[a-zA-Z0-9-]*):([a-zA-Z0-9\\-])+:([a-z]{2}(-gov)?(-iso([a-z])?)?-[a-z]+-\\d{1})?:(\\d{12})?:(.*)",
"type": "string"
},
+ "EventSourceMappingArn": {
+ "description": "",
+ "maxLength": 120,
+ "minLength": 85,
+ "pattern": "arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\\d{1}:\\d{12}:event-source-mapping:[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}",
+ "type": "string"
+ },
"FilterCriteria": {
"$ref": "#/definitions/FilterCriteria",
"description": "An object that defines the filter criteria that determine whether Lambda should process an event. For more information, see [Lambda event filtering](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html)."
@@ -279,7 +359,7 @@
"type": "string"
},
"FunctionResponseTypes": {
- "description": "(Streams and SQS) A list of current response type enums applied to the event source mapping.\n Valid Values: ``ReportBatchItemFailures``",
+ "description": "(Kinesis, DynamoDB Streams, and SQS) A list of current response type enums applied to the event source mapping.\n Valid Values: ``ReportBatchItemFailures``",
"items": {
"enum": [
"ReportBatchItemFailures"
@@ -298,6 +378,13 @@
"pattern": "[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}",
"type": "string"
},
+ "KmsKeyArn": {
+ "description": "The ARN of the KMSlong (KMS) customer managed key that Lambda uses to encrypt your function's [filter criteria](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html#filtering-basics).",
+ "maxLength": 2048,
+ "minLength": 12,
+ "pattern": "(arn:(aws[a-zA-Z-]*)?:[a-z0-9-.]+:.*)|()",
+ "type": "string"
+ },
"MaximumBatchingWindowInSeconds": {
"description": "The maximum amount of time, in seconds, that Lambda spends gathering records before invoking the function.\n *Default (, , event sources)*: 0\n *Default (, Kafka, , event sources)*: 500 ms\n *Related setting:* For SQS event sources, when you set ``BatchSize`` to a value greater than 10, you must set ``MaximumBatchingWindowInSeconds`` to at least 1.",
"maximum": 300,
@@ -316,12 +403,20 @@
"minimum": -1,
"type": "integer"
},
+ "MetricsConfig": {
+ "$ref": "#/definitions/MetricsConfig",
+ "description": "The metrics configuration for your event source. For more information, see [Event source mapping metrics](https://docs.aws.amazon.com/lambda/latest/dg/monitoring-metrics-types.html#event-source-mapping-metrics)."
+ },
"ParallelizationFactor": {
"description": "(Kinesis and DynamoDB Streams only) The number of batches to process concurrently from each shard. The default value is 1.",
"maximum": 10,
"minimum": 1,
"type": "integer"
},
+ "ProvisionedPollerConfig": {
+ "$ref": "#/definitions/ProvisionedPollerConfig",
+ "description": "(Amazon MSK and self-managed Apache Kafka only) The provisioned mode configuration for the event source. For more information, see [provisioned mode](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventsourcemapping.html#invocation-eventsourcemapping-provisioned-mode)."
+ },
"Queues": {
"description": "(Amazon MQ) The name of the Amazon MQ broker destination queue to consume.",
"items": {
@@ -368,6 +463,15 @@
"description": "With ``StartingPosition`` set to ``AT_TIMESTAMP``, the time from which to start reading, in Unix time seconds. ``StartingPositionTimestamp`` cannot be in the future.",
"type": "number"
},
+ "Tags": {
+ "description": "A list of tags to add to the event source mapping.\n You must have the ``lambda:TagResource``, ``lambda:UntagResource``, and ``lambda:ListTags`` permissions for your [principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html) to manage the CFN stack. If you don't have these permissions, there might be unexpected behavior with stack-level tags propagating to the resource during resource creation and update.",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/Tag"
+ },
+ "type": "array",
+ "uniqueItems": true
+ },
"Topics": {
"description": "The name of the Kafka topic.",
"items": {
@@ -392,16 +496,23 @@
"/properties/StartingPositionTimestamp": "StartingPositionTimestamp * 1000"
},
"readOnlyProperties": [
- "/properties/Id"
+ "/properties/Id",
+ "/properties/EventSourceMappingArn"
],
"required": [
"FunctionName"
],
"tagging": {
- "cloudFormationSystemTags": false,
- "tagOnCreate": false,
- "tagUpdatable": false,
- "taggable": false
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "lambda:ListTags",
+ "lambda:TagResource",
+ "lambda:UntagResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
},
"typeName": "AWS::Lambda::EventSourceMapping"
}
diff --git a/schema/aws-lambda-function.json b/schema/aws-lambda-function.json
index 0ea64fb..9ade73d 100644
--- a/schema/aws-lambda-function.json
+++ b/schema/aws-lambda-function.json
@@ -1,12 +1,13 @@
{
"additionalProperties": false,
"createOnlyProperties": [
- "/properties/FunctionName"
+ "/properties/FunctionName",
+ "/properties/PackageType"
],
"definitions": {
"Code": {
"additionalProperties": false,
- "description": "The [deployment package](https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-package.html) for a Lambda function. To deploy a function defined as a container image, you specify the location of a container image in the Amazon ECR registry. For a .zip file deployment package, you can specify the location of an object in Amazon S3. For Node.js and Python functions, you can specify the function code inline in the template.\n Changes to a deployment package in Amazon S3 or a container image in ECR are not detected automatically during stack updates. To update the function code, change the object key or version in the template.",
+ "description": "The [deployment package](https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-package.html) for a Lambda function. To deploy a function defined as a container image, you specify the location of a container image in the Amazon ECR registry. For a .zip file deployment package, you can specify the location of an object in Amazon S3. For Node.js and Python functions, you can specify the function code inline in the template.\n When you specify source code inline for a Node.js function, the ``index`` file that CFN creates uses the extension ``.js``. This means that LAM treats the file as a CommonJS module. ES modules aren't supported for inline functions.\n Changes to a deployment package in Amazon S3 or a container image in ECR are not detected automatically during stack updates. To update the function code, change the object key or version in the template.",
"properties": {
"ImageUri": {
"description": "URI of a [container image](https://docs.aws.amazon.com/lambda/latest/dg/lambda-images.html) in the Amazon ECR registry.",
@@ -31,8 +32,13 @@
"minLength": 1,
"type": "string"
},
+ "SourceKMSKeyArn": {
+ "description": "The ARN of the KMSlong (KMS) customer managed key that's used to encrypt your function's .zip deployment package. If you don't provide a customer managed key, Lambda uses an [owned key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-owned-cmk).",
+ "pattern": "^(arn:(aws[a-zA-Z-]*)?:[a-z0-9-.]+:.*)|()$",
+ "type": "string"
+ },
"ZipFile": {
- "description": "(Node.js and Python) The source code of your Lambda function. If you include your function source inline with this parameter, CFN places it in a file named ``index`` and zips it to create a [deployment package](https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-package.html). This zip file cannot exceed 4MB. For the ``Handler`` property, the first part of the handler identifier must be ``index``. For example, ``index.handler``.\n For JSON, you must escape quotes and special characters such as newline (``\\n``) with a backslash.\n If you specify a function that interacts with an AWS CloudFormation custom resource, you don't have to write your own functions to send responses to the custom resource that invoked the function. AWS CloudFormation provides a response module ([cfn-response](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cfn-lambda-function-code-cfnresponsemodule.html)) that simplifies sending responses. See [Using Lambda with CloudFormation](https://docs.aws.amazon.com/lambda/latest/dg/services-cloudformation.html) for details.",
+ "description": "(Node.js and Python) The source code of your Lambda function. If you include your function source inline with this parameter, CFN places it in a file named ``index`` and zips it to create a [deployment package](https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-package.html). This zip file cannot exceed 4MB. For the ``Handler`` property, the first part of the handler identifier must be ``index``. For example, ``index.handler``.\n When you specify source code inline for a Node.js function, the ``index`` file that CFN creates uses the extension ``.js``. This means that LAM treats the file as a CommonJS module. ES modules aren't supported for inline functions.\n For JSON, you must escape quotes and special characters such as newline (``\\n``) with a backslash.\n If you specify a function that interacts with an AWS CloudFormation custom resource, you don't have to write your own functions to send responses to the custom resource that invoked the function. AWS CloudFormation provides a response module ([cfn-response](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cfn-lambda-function-code-cfnresponsemodule.html)) that simplifies sending responses. See [Using Lambda with CloudFormation](https://docs.aws.amazon.com/lambda/latest/dg/services-cloudformation.html) for details.",
"type": "string"
}
},
@@ -56,7 +62,7 @@
"properties": {
"Variables": {
"additionalProperties": false,
- "description": "Environment variable key-value pairs. For more information, see [Using Lambda environment variables](https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html).",
+ "description": "Environment variable key-value pairs. For more information, see [Using Lambda environment variables](https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html).\n If the value of the environment variable is a time or a duration, enclose the value in quotes.",
"patternProperties": {
"[a-zA-Z][a-zA-Z0-9_]+": {
"type": "string"
@@ -90,7 +96,7 @@
"Arn": {
"description": "The Amazon Resource Name (ARN) of the Amazon EFS access point that provides access to the file system.",
"maxLength": 200,
- "pattern": "^arn:aws[a-zA-Z-]*:elasticfilesystem:[a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\\d{1}:\\d{12}:access-point/fsap-[a-f0-9]{17}$",
+ "pattern": "^arn:aws[a-zA-Z-]*:elasticfilesystem:[a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\\d{1}:\\d{12}:access-point/fsap-[a-f0-9]{17}$",
"type": "string"
},
"LocalMountPath": {
@@ -178,6 +184,14 @@
},
"type": "object"
},
+ "RecursiveLoop": {
+ "description": "The function recursion configuration.",
+ "enum": [
+ "Allow",
+ "Terminate"
+ ],
+ "type": "string"
+ },
"RuntimeManagementConfig": {
"additionalProperties": false,
"description": "Sets the runtime management configuration for a function's version. For more information, see [Runtime updates](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html).",
@@ -244,16 +258,16 @@
},
"Tag": {
"additionalProperties": false,
- "description": "",
+ "description": "A [tag](https://docs.aws.amazon.com/lambda/latest/dg/tagging.html) to apply to the function.",
"properties": {
"Key": {
- "description": "",
+ "description": "The key for this tag.",
"maxLength": 128,
"minLength": 1,
"type": "string"
},
"Value": {
- "description": "",
+ "description": "The value for this tag.",
"maxLength": 256,
"minLength": 0,
"type": "string"
@@ -309,7 +323,7 @@
"type": "object"
}
},
- "description": "The ``AWS::Lambda::Function`` resource creates a Lambda function. To create a function, you need a [deployment package](https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-package.html) and an [execution role](https://docs.aws.amazon.com/lambda/latest/dg/lambda-intro-execution-role.html). The deployment package is a .zip file archive or container image that contains your function code. The execution role grants the function permission to use AWS services, such as Amazon CloudWatch Logs for log streaming and AWS X-Ray for request tracing.\n You set the package type to ``Image`` if the deployment package is a [container image](https://docs.aws.amazon.com/lambda/latest/dg/lambda-images.html). For a container image, the code property must include the URI of a container image in the Amazon ECR registry. You do not need to specify the handler and runtime properties. \n You set the package type to ``Zip`` if the deployment package is a [.zip file archive](https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-package.html#gettingstarted-package-zip). For a .zip file archive, the code property specifies the location of the .zip file. You must also specify the handler and runtime properties. For a Python example, see [Deploy Python Lambda functions with .zip file archives](https://docs.aws.amazon.com/lambda/latest/dg/python-package.html).\n You can use [code signing](https://docs.aws.amazon.com/lambda/latest/dg/configuration-codesigning.html) if your deployment package is a .zip file archive. To enable code signing for this function, specify the ARN of a code-signing configuration. When a user attempts to deploy a code package with ``UpdateFunctionCode``, Lambda checks that the code package has a valid signature from a trusted publisher. The code-signing configuration includes a set of signing profiles, which define the trusted publishers for this function.\n Note that you configure [provisioned concurrency](https://docs.aws.amazon.com/lambda/latest/dg/provisioned-concurrency.html) on a ``AWS::Lambda::Version`` or a ``AWS::Lambda::Alias``.\n For a complete introduction to Lambda functions, see [What is Lambda?](https://docs.aws.amazon.com/lambda/latest/dg/lambda-welcome.html) in the *Lambda developer guide.*",
+ "description": "The ``AWS::Lambda::Function`` resource creates a Lambda function. To create a function, you need a [deployment package](https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-package.html) and an [execution role](https://docs.aws.amazon.com/lambda/latest/dg/lambda-intro-execution-role.html). The deployment package is a .zip file archive or container image that contains your function code. The execution role grants the function permission to use AWS services, such as Amazon CloudWatch Logs for log streaming and AWS X-Ray for request tracing.\n You set the package type to ``Image`` if the deployment package is a [container image](https://docs.aws.amazon.com/lambda/latest/dg/lambda-images.html). For these functions, include the URI of the container image in the ECR registry in the [ImageUri property of the Code property](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-code.html#cfn-lambda-function-code-imageuri). You do not need to specify the handler and runtime properties. \n You set the package type to ``Zip`` if the deployment package is a [.zip file archive](https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-package.html#gettingstarted-package-zip). For these functions, specify the S3 location of your .zip file in the ``Code`` property. Alternatively, for Node.js and Python functions, you can define your function inline in the [ZipFile property of the Code property](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-code.html#cfn-lambda-function-code-zipfile). In both cases, you must also specify the handler and runtime properties.\n You can use [code signing](https://docs.aws.amazon.com/lambda/latest/dg/configuration-codesigning.html) if your deployment package is a .zip file archive. To enable code signing for this function, specify the ARN of a code-signing configuration. When a user attempts to deploy a code package with ``UpdateFunctionCode``, Lambda checks that the code package has a valid signature from a trusted publisher. The code-signing configuration includes a set of signing profiles, which define the trusted publishers for this function.\n When you update a ``AWS::Lambda::Function`` resource, CFNshort calls the [UpdateFunctionConfiguration](https://docs.aws.amazon.com/lambda/latest/api/API_UpdateFunctionConfiguration.html) and [UpdateFunctionCode](https://docs.aws.amazon.com/lambda/latest/api/API_UpdateFunctionCode.html) LAM APIs under the hood. Because these calls happen sequentially, and invocations can happen between these calls, your function may encounter errors in the time between the calls. For example, if you remove an environment variable, and the code that references that environment variable in the same CFNshort update, you may see invocation errors related to a missing environment variable. To work around this, you can invoke your function against a version or alias by default, rather than the ``$LATEST`` version.\n Note that you configure [provisioned concurrency](https://docs.aws.amazon.com/lambda/latest/dg/provisioned-concurrency.html) on a ``AWS::Lambda::Version`` or a ``AWS::Lambda::Alias``.\n For a complete introduction to Lambda functions, see [What is Lambda?](https://docs.aws.amazon.com/lambda/latest/dg/lambda-welcome.html) in the *Lambda developer guide.*",
"handlers": {
"create": {
"permissions": [
@@ -332,7 +346,9 @@
"lambda:GetLayerVersion",
"lambda:GetRuntimeManagementConfig",
"lambda:PutRuntimeManagementConfig",
- "lambda:TagResource"
+ "lambda:TagResource",
+ "lambda:PutFunctionRecursionConfig",
+ "lambda:GetFunctionRecursionConfig"
]
},
"delete": {
@@ -350,7 +366,8 @@
"read": {
"permissions": [
"lambda:GetFunction",
- "lambda:GetFunctionCodeSigningConfig"
+ "lambda:GetFunctionCodeSigningConfig",
+ "lambda:GetFunctionRecursionConfig"
]
},
"update": {
@@ -358,7 +375,6 @@
"lambda:DeleteFunctionConcurrency",
"lambda:GetFunction",
"lambda:PutFunctionConcurrency",
- "lambda:ListTags",
"lambda:TagResource",
"lambda:UntagResource",
"lambda:UpdateFunctionConfiguration",
@@ -378,7 +394,9 @@
"lambda:PutFunctionCodeSigningConfig",
"lambda:DeleteFunctionCodeSigningConfig",
"lambda:GetCodeSigningConfig",
- "lambda:GetFunctionCodeSigningConfig"
+ "lambda:GetFunctionCodeSigningConfig",
+ "lambda:PutFunctionRecursionConfig",
+ "lambda:GetFunctionRecursionConfig"
]
}
},
@@ -406,11 +424,11 @@
},
"Code": {
"$ref": "#/definitions/Code",
- "description": "The code for the function."
+ "description": "The code for the function. You can define your function code in multiple ways:\n + For .zip deployment packages, you can specify the S3 location of the .zip file in the ``S3Bucket``, ``S3Key``, and ``S3ObjectVersion`` properties.\n + For .zip deployment packages, you can alternatively define the function code inline in the ``ZipFile`` property. This method works only for Node.js and Python functions.\n + For container images, specify the URI of your container image in the ECR registry in the ``ImageUri`` property."
},
"CodeSigningConfigArn": {
"description": "To enable code signing for this function, specify the ARN of a code-signing configuration. A code-signing configuration includes a set of signing profiles, which define the trusted publishers for this function.",
- "pattern": "arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\\d{1}:\\d{12}:code-signing-config:csc-[a-z0-9]{17}",
+ "pattern": "arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\\d{1}:\\d{12}:code-signing-config:csc-[a-z0-9]{17}",
"type": "string"
},
"DeadLetterConfig": {
@@ -454,7 +472,7 @@
"description": "Configuration values that override the container image Dockerfile settings. For more information, see [Container image settings](https://docs.aws.amazon.com/lambda/latest/dg/images-create.html#images-parms)."
},
"KmsKeyArn": {
- "description": "The ARN of the KMSlong (KMS) customer managed key that's used to encrypt your function's [environment variables](https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html#configuration-envvars-encryption). When [Lambda SnapStart](https://docs.aws.amazon.com/lambda/latest/dg/snapstart-security.html) is activated, Lambda also uses this key is to encrypt your function's snapshot. If you deploy your function using a container image, Lambda also uses this key to encrypt your function when it's deployed. Note that this is not the same key that's used to protect your container image in the Amazon Elastic Container Registry (Amazon ECR). If you don't provide a customer managed key, Lambda uses a default service key.",
+ "description": "The ARN of the KMSlong (KMS) customer managed key that's used to encrypt the following resources:\n + The function's [environment variables](https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html#configuration-envvars-encryption).\n + The function's [Lambda SnapStart](https://docs.aws.amazon.com/lambda/latest/dg/snapstart-security.html) snapshots.\n + When used with ``SourceKMSKeyArn``, the unzipped version of the .zip deployment package that's used for function invocations. For more information, see [Specifying a customer managed key for Lambda](https://docs.aws.amazon.com/lambda/latest/dg/encrypt-zip-package.html#enable-zip-custom-encryption).\n + The optimized version of the container image that's used for function invocations. Note that this is not the same key that's used to protect your container image in the Amazon Elastic Container Registry (Amazon ECR). For more information, see [Function lifecycle](https://docs.aws.amazon.com/lambda/latest/dg/images-create.html#images-lifecycle).\n \n If you don't provide a customer managed key, Lambda uses an [owned key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-owned-cmk) or an [](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk).",
"pattern": "^(arn:(aws[a-zA-Z-]*)?:[a-z0-9-.]+:.*)|()$",
"type": "string"
},
@@ -482,6 +500,10 @@
],
"type": "string"
},
+ "RecursiveLoop": {
+ "$ref": "#/definitions/RecursiveLoop",
+ "description": "The status of your function's recursive loop detection configuration.\n When this value is set to ``Allow``and Lambda detects your function being invoked as part of a recursive loop, it doesn't take any action.\n When this value is set to ``Terminate`` and Lambda detects your function being invoked as part of a recursive loop, it stops your function being invoked and notifies you."
+ },
"ReservedConcurrentExecutions": {
"description": "The number of simultaneous executions to reserve for the function.",
"minimum": 0,
@@ -509,7 +531,7 @@
"description": ""
},
"Tags": {
- "description": "A list of [tags](https://docs.aws.amazon.com/lambda/latest/dg/tagging.html) to apply to the function.",
+ "description": "A list of [tags](https://docs.aws.amazon.com/lambda/latest/dg/tagging.html) to apply to the function.\n You must have the ``lambda:TagResource``, ``lambda:UntagResource``, and ``lambda:ListTags`` permissions for your [principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html) to manage the CFN stack. If you don't have these permissions, there might be unexpected behavior with stack-level tags propagating to the resource during resource creation and update.",
"insertionOrder": false,
"items": {
"$ref": "#/definitions/Tag"
@@ -543,6 +565,11 @@
],
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "lambda:ListTags",
+ "lambda:TagResource",
+ "lambda:UntagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
@@ -552,7 +579,6 @@
"writeOnlyProperties": [
"/properties/SnapStart",
"/properties/SnapStart/ApplyOn",
- "/properties/Code",
"/properties/Code/ImageUri",
"/properties/Code/S3Bucket",
"/properties/Code/S3Key",
diff --git a/schema/aws-lambda-layerversion.json b/schema/aws-lambda-layerversion.json
index 8cbace9..7a5c195 100644
--- a/schema/aws-lambda-layerversion.json
+++ b/schema/aws-lambda-layerversion.json
@@ -100,6 +100,9 @@
"type": "string"
}
},
+ "propertyTransform": {
+ "/properties/LayerName": "$split(LayerName, \":\")[-1] $OR LayerName"
+ },
"readOnlyProperties": [
"/properties/LayerVersionArn"
],
diff --git a/schema/aws-lambda-permission.json b/schema/aws-lambda-permission.json
index c5e99f8..af62d9d 100644
--- a/schema/aws-lambda-permission.json
+++ b/schema/aws-lambda-permission.json
@@ -89,7 +89,7 @@
"type": "string"
},
"Principal": {
- "description": "The AWS-service or AWS-account that invokes the function. If you specify a service, use ``SourceArn`` or ``SourceAccount`` to limit who can invoke the function through that service.",
+ "description": "The AWS-service, AWS-account, IAM user, or IAM role that invokes the function. If you specify a service, use ``SourceArn`` or ``SourceAccount`` to limit who can invoke the function through that service.",
"maxLength": 256,
"minLength": 1,
"pattern": "^.*$",
diff --git a/schema/aws-lambda-version.json b/schema/aws-lambda-version.json
index b7f0a28..ebb71fc 100644
--- a/schema/aws-lambda-version.json
+++ b/schema/aws-lambda-version.json
@@ -110,30 +110,12 @@
"type": "string"
},
"FunctionName": {
- "anyOf": [
- {
- "relationshipRef": {
- "propertyPath": "/properties/FunctionName",
- "typeName": "AWS::Lambda::Function"
- }
- },
- {
- "relationshipRef": {
- "propertyPath": "/properties/Arn",
- "typeName": "AWS::Lambda::Function"
- }
- }
- ],
"description": "The name of the Lambda function.",
"maxLength": 140,
"minLength": 1,
"pattern": "^(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\\d{1}:)?(\\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\\$LATEST|[a-zA-Z0-9-_]+))?$",
"type": "string"
},
- "Policy": {
- "description": "The resource policy of your function",
- "type": "object"
- },
"ProvisionedConcurrencyConfig": {
"$ref": "#/definitions/ProvisionedConcurrencyConfiguration",
"description": "Specifies a provisioned concurrency configuration for a function's version. Updates are not supported for this property."
diff --git a/schema/aws-launchwizard-deployment.json b/schema/aws-launchwizard-deployment.json
index a5ec5f8..7c0cbea 100644
--- a/schema/aws-launchwizard-deployment.json
+++ b/schema/aws-launchwizard-deployment.json
@@ -232,11 +232,15 @@
"required": [
"DeploymentPatternName",
"Name",
- "Specifications",
"WorkloadName"
],
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "launchwizard:ListTagsForResource",
+ "launchwizard:TagResource",
+ "launchwizard:UntagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-lex-bot.json b/schema/aws-lex-bot.json
index e3f78c7..3264e5e 100644
--- a/schema/aws-lex-bot.json
+++ b/schema/aws-lex-bot.json
@@ -3,7 +3,6 @@
"definitions": {
"AdvancedRecognitionSetting": {
"additionalProperties": false,
- "description": "Provides settings that enable advanced recognition settings for slot values.",
"properties": {
"AudioRecognitionStrategy": {
"$ref": "#/definitions/AudioRecognitionStrategy"
@@ -13,14 +12,11 @@
},
"AllowedInputTypes": {
"additionalProperties": false,
- "description": "Specifies the allowed input types.",
"properties": {
"AllowAudioInput": {
- "description": "Indicates whether audio input is allowed.",
"type": "boolean"
},
"AllowDTMFInput": {
- "description": "Indicates whether DTMF input is allowed.",
"type": "boolean"
}
},
@@ -42,7 +38,6 @@
},
"AudioAndDTMFInputSpecification": {
"additionalProperties": false,
- "description": "Specifies the audio and DTMF input specification.",
"properties": {
"AudioSpecification": {
"$ref": "#/definitions/AudioSpecification"
@@ -51,7 +46,6 @@
"$ref": "#/definitions/DTMFSpecification"
},
"StartTimeoutMs": {
- "description": "Time for which a bot waits before assuming that the customer isn't going to speak or press a key. This timeout is shared between Audio and DTMF inputs.",
"minimum": 1,
"type": "integer"
}
@@ -63,7 +57,6 @@
},
"AudioLogDestination": {
"additionalProperties": false,
- "description": "The location of audio log files collected when conversation logging is enabled for a bot.",
"properties": {
"S3Bucket": {
"$ref": "#/definitions/S3BucketLogDestination"
@@ -76,13 +69,11 @@
},
"AudioLogSetting": {
"additionalProperties": false,
- "description": "Settings for logging audio of conversations between Amazon Lex and a user. You specify whether to log audio and the Amazon S3 bucket where the audio file is stored.",
"properties": {
"Destination": {
"$ref": "#/definitions/AudioLogDestination"
},
"Enabled": {
- "description": "",
"type": "boolean"
}
},
@@ -93,7 +84,6 @@
"type": "object"
},
"AudioLogSettings": {
- "description": "List of audio log settings that pertain to the conversation log settings for the bot's TestBotAlias.",
"insertionOrder": false,
"items": {
"$ref": "#/definitions/AudioLogSetting"
@@ -103,7 +93,6 @@
"uniqueItems": true
},
"AudioRecognitionStrategy": {
- "description": "Enables using slot values as a custom vocabulary when recognizing user utterances.",
"enum": [
"UseSlotValuesAsCustomVocabulary"
],
@@ -111,15 +100,12 @@
},
"AudioSpecification": {
"additionalProperties": false,
- "description": "Specifies the audio input specifications.",
"properties": {
"EndTimeoutMs": {
- "description": "Time for which a bot waits after the customer stops speaking to assume the utterance is finished.",
"minimum": 1,
"type": "integer"
},
"MaxLengthMs": {
- "description": "Time for how long Amazon Lex waits before speech input is truncated and the speech is returned to application.",
"minimum": 1,
"type": "integer"
}
@@ -130,15 +116,95 @@
],
"type": "object"
},
+ "BedrockAgentIntentConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "BedrockAgentConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "BedrockAgentAliasId": {
+ "maxLength": 5000,
+ "minLength": 1,
+ "type": "string"
+ },
+ "BedrockAgentId": {
+ "maxLength": 5000,
+ "minLength": 1,
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "BedrockAgentIntentKnowledgeBaseConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "BedrockKnowledgeBaseArn": {
+ "maxLength": 5000,
+ "minLength": 1,
+ "type": "string"
+ },
+ "BedrockModelConfiguration": {
+ "$ref": "#/definitions/BedrockModelSpecification"
+ }
+ },
+ "required": [
+ "BedrockKnowledgeBaseArn",
+ "BedrockModelConfiguration"
+ ],
+ "type": "object"
+ }
+ },
+ "type": "object"
+ },
+ "BedrockModelSpecification": {
+ "additionalProperties": false,
+ "properties": {
+ "BedrockGuardrailConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "BedrockGuardrailIdentifier": {
+ "maxLength": 5000,
+ "minLength": 1,
+ "type": "string"
+ },
+ "BedrockGuardrailVersion": {
+ "maxLength": 5000,
+ "minLength": 1,
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "BedrockModelCustomPrompt": {
+ "maxLength": 5000,
+ "minLength": 1,
+ "type": "string"
+ },
+ "BedrockTraceStatus": {
+ "enum": [
+ "ENABLED",
+ "DISABLED"
+ ],
+ "type": "string"
+ },
+ "ModelArn": {
+ "maxLength": 5000,
+ "minLength": 1,
+ "type": "string"
+ }
+ },
+ "required": [
+ "ModelArn"
+ ],
+ "type": "object"
+ },
"BotAliasLocaleSettings": {
"additionalProperties": false,
- "description": "You can use this parameter to specify a specific Lambda function to run different functions in different locales.",
"properties": {
"CodeHookSpecification": {
"$ref": "#/definitions/CodeHookSpecification"
},
"Enabled": {
- "description": "Whether the Lambda code hook is enabled",
"type": "boolean"
}
},
@@ -149,13 +215,11 @@
},
"BotAliasLocaleSettingsItem": {
"additionalProperties": false,
- "description": "A locale setting in alias",
"properties": {
"BotAliasLocaleSetting": {
"$ref": "#/definitions/BotAliasLocaleSettings"
},
"LocaleId": {
- "description": "A string used to identify the locale",
"maxLength": 128,
"minLength": 1,
"type": "string"
@@ -168,7 +232,6 @@
"type": "object"
},
"BotAliasLocaleSettingsList": {
- "description": "A list of bot alias locale settings to add to the bot alias.",
"insertionOrder": false,
"items": {
"$ref": "#/definitions/BotAliasLocaleSettingsItem"
@@ -185,7 +248,6 @@
},
"BotLocale": {
"additionalProperties": false,
- "description": "A locale in the bot, which contains the intents and slot types that the bot uses in conversations with users in the specified language and locale.",
"properties": {
"CustomVocabulary": {
"$ref": "#/definitions/CustomVocabulary"
@@ -194,7 +256,6 @@
"$ref": "#/definitions/Description"
},
"Intents": {
- "description": "List of intents",
"insertionOrder": false,
"items": {
"$ref": "#/definitions/Intent"
@@ -210,7 +271,6 @@
"$ref": "#/definitions/ConfidenceThreshold"
},
"SlotTypes": {
- "description": "List of SlotTypes",
"insertionOrder": false,
"items": {
"$ref": "#/definitions/SlotType"
@@ -231,16 +291,13 @@
},
"Button": {
"additionalProperties": false,
- "description": "A button to use on a response card used to gather slot values from a user.",
"properties": {
"Text": {
- "description": "The text that appears on the button.",
"maxLength": 50,
"minLength": 1,
"type": "string"
},
"Value": {
- "description": "The value returned to Amazon Lex when the user chooses this button.",
"maxLength": 50,
"minLength": 1,
"type": "string"
@@ -256,13 +313,11 @@
"additionalProperties": false,
"properties": {
"CloudWatchLogGroupArn": {
- "description": "A string used to identify the groupArn for the Cloudwatch Log Group",
"maxLength": 2048,
"minLength": 1,
"type": "string"
},
"LogPrefix": {
- "description": "A string containing the value for the Log Prefix",
"maxLength": 1024,
"minLength": 0,
"type": "string"
@@ -276,7 +331,6 @@
},
"CodeHookSpecification": {
"additionalProperties": false,
- "description": "Contains information about code hooks that Amazon Lex calls during a conversation.",
"properties": {
"LambdaCodeHook": {
"$ref": "#/definitions/LambdaCodeHook"
@@ -287,13 +341,27 @@
],
"type": "object"
},
+ "CompositeSlotTypeSetting": {
+ "additionalProperties": false,
+ "properties": {
+ "SubSlots": {
+ "insertionOrder": true,
+ "items": {
+ "$ref": "#/definitions/SubSlotTypeComposition"
+ },
+ "maxItems": 6,
+ "minItems": 1,
+ "type": "array",
+ "uniqueItems": true
+ }
+ },
+ "type": "object"
+ },
"Condition": {
"additionalProperties": false,
- "description": "Provides an expression that evaluates to true or false.",
"properties": {
"ExpressionString": {
- "$ref": "#/definitions/ConditionExpression",
- "description": "The expression string that is evaluated."
+ "$ref": "#/definitions/ConditionExpression"
}
},
"required": [
@@ -302,14 +370,12 @@
"type": "object"
},
"ConditionExpression": {
- "description": "Expression that is evaluated to true or false at runtime.",
"maxLength": 1024,
"minLength": 1,
"type": "string"
},
"Conditional": {
"additionalProperties": false,
- "description": "Contains conditional branches to fork the conversation flow.",
"properties": {
"ConditionalBranches": {
"$ref": "#/definitions/ConditionalBranches"
@@ -326,23 +392,18 @@
},
"ConditionalBranch": {
"additionalProperties": false,
- "description": "A set of actions that Amazon Lex should run if the condition is matched.",
"properties": {
"Condition": {
- "$ref": "#/definitions/Condition",
- "description": "Contains the expression to evaluate. If the condition is true, the branch's actions are taken."
+ "$ref": "#/definitions/Condition"
},
"Name": {
- "$ref": "#/definitions/Name",
- "description": "The name of the branch."
+ "$ref": "#/definitions/Name"
},
"NextStep": {
- "$ref": "#/definitions/DialogState",
- "description": "The next step in the conversation."
+ "$ref": "#/definitions/DialogState"
},
"Response": {
- "$ref": "#/definitions/ResponseSpecification",
- "description": "Specifies a list of message groups that Amazon Lex uses to respond the user input."
+ "$ref": "#/definitions/ResponseSpecification"
}
},
"required": [
@@ -353,7 +414,6 @@
"type": "object"
},
"ConditionalBranches": {
- "description": "A list of 1 to 4 conditional branches to fork the conversation flow.",
"insertionOrder": true,
"items": {
"$ref": "#/definitions/ConditionalBranch"
@@ -364,18 +424,14 @@
},
"ConditionalSpecification": {
"additionalProperties": false,
- "description": "Provides a list of conditional branches. Branches are evaluated in the order that they are entered in the list. The first branch with a condition that evaluates to true is executed. The last branch in the list is the default branch. The default branch should not have any condition expression. The default branch is executed if no other branch has a matching condition.",
"properties": {
"ConditionalBranches": {
- "$ref": "#/definitions/ConditionalBranches",
- "description": "A list of conditional branches. A conditional branch is made up of a condition, a response and a next step. The response and next step are executed when the condition is true."
+ "$ref": "#/definitions/ConditionalBranches"
},
"DefaultBranch": {
- "$ref": "#/definitions/DefaultConditionalBranch",
- "description": "The conditional branch that should be followed when the conditions for other branches are not satisfied. A conditional branch is made up of a condition, a response and a next step."
+ "$ref": "#/definitions/DefaultConditionalBranch"
},
"IsActive": {
- "description": "Determines whether a conditional branch is active. When active is false, the conditions are not evaluated.",
"type": "boolean"
}
},
@@ -387,26 +443,22 @@
"type": "object"
},
"ConfidenceThreshold": {
- "description": "The specified confidence threshold for inserting the AMAZON.FallbackIntent and AMAZON.KendraSearchIntent intents.",
"maximum": 1,
"minimum": 0,
"type": "number"
},
"ContextTimeToLiveInSeconds": {
- "description": "The amount of time, in seconds, that the output context should remain active.",
"maximum": 86400,
"minimum": 5,
"type": "integer"
},
"ContextTurnsToLive": {
- "description": "The number of conversation turns that the output context should remain active.",
"maximum": 20,
"minimum": 1,
"type": "integer"
},
"ConversationLogSettings": {
"additionalProperties": false,
- "description": "Contains information about code hooks that Amazon Lex calls during a conversation.",
"properties": {
"AudioLogSettings": {
"$ref": "#/definitions/AudioLogSettings"
@@ -419,10 +471,8 @@
},
"CustomPayload": {
"additionalProperties": false,
- "description": "A message in a custom format defined by the client application.",
"properties": {
"Value": {
- "description": "The string that is sent to your application.",
"maxLength": 1000,
"minLength": 1,
"type": "string"
@@ -435,7 +485,6 @@
},
"CustomVocabulary": {
"additionalProperties": false,
- "description": "A custom vocabulary is a list of specific phrases that you want Amazon Lex V2 to recognize in the audio input.",
"properties": {
"CustomVocabularyItems": {
"$ref": "#/definitions/CustomVocabularyItems"
@@ -448,22 +497,18 @@
},
"CustomVocabularyItem": {
"additionalProperties": false,
- "description": "A custom vocabulary item that contains the phrase to recognize and a weight to give the boost.",
"properties": {
"DisplayAs": {
- "description": "Defines how you want your phrase to look in your transcription output.",
"maxLength": 100,
"minLength": 1,
"type": "string"
},
"Phrase": {
- "description": "Phrase that should be recognized.",
"maxLength": 100,
"minLength": 1,
"type": "string"
},
"Weight": {
- "description": "The degree to which the phrase recognition is boosted. The weight 0 means that no boosting will be applied and the entry will only be used for performing replacements using the displayAs field.",
"maximum": 3,
"minimum": 0,
"type": "integer"
@@ -485,25 +530,20 @@
},
"DTMFSpecification": {
"additionalProperties": false,
- "description": "Specifies the settings on DTMF input.",
"properties": {
"DeletionCharacter": {
- "description": "The DTMF character that clears the accumulated DTMF digits and immediately ends the input.",
"pattern": "^[A-D0-9#*]{1}$",
"type": "string"
},
"EndCharacter": {
- "description": "The DTMF character that immediately ends input. If the user does not press this character, the input ends after the end timeout.",
"pattern": "^[A-D0-9#*]{1}$",
"type": "string"
},
"EndTimeoutMs": {
- "description": "How long the bot should wait after the last DTMF character input before assuming that the input has concluded.",
"minimum": 1,
"type": "integer"
},
"MaxLength": {
- "description": "The maximum number of DTMF digits allowed in an utterance.",
"maximum": 1024,
"minimum": 1,
"type": "integer"
@@ -519,10 +559,8 @@
},
"DataPrivacy": {
"additionalProperties": false,
- "description": "Provides information on additional privacy protections Amazon Lex should use with the bot's data.",
"properties": {
"ChildDirected": {
- "description": "Specify whether your use of Amazon Lex is related to application that is directed or targeted, in whole or in part, to children under age 13 and subject to the Children's Online Privacy Protection Act (COPPA).",
"type": "boolean"
}
},
@@ -533,15 +571,12 @@
},
"DefaultConditionalBranch": {
"additionalProperties": false,
- "description": "A set of actions that Amazon Lex should run if none of the other conditions are met.",
"properties": {
"NextStep": {
- "$ref": "#/definitions/DialogState",
- "description": "The next step in the conversation."
+ "$ref": "#/definitions/DialogState"
},
"Response": {
- "$ref": "#/definitions/ResponseSpecification",
- "description": "Specifies a list of message groups that Amazon Lex uses to respond the user input."
+ "$ref": "#/definitions/ResponseSpecification"
}
},
"type": "object"
@@ -553,19 +588,15 @@
},
"DialogAction": {
"additionalProperties": false,
- "description": "Defines the action that the bot executes at runtime when the conversation reaches this step.",
"properties": {
"SlotToElicit": {
- "$ref": "#/definitions/Name",
- "description": "If the dialog action is ElicitSlot, defines the slot to elicit from the user."
+ "$ref": "#/definitions/Name"
},
"SuppressNextMessage": {
- "description": "When true the next message for the intent is not used.",
"type": "boolean"
},
"Type": {
- "$ref": "#/definitions/DialogActionType",
- "description": "The action that the bot should execute."
+ "$ref": "#/definitions/DialogActionType"
}
},
"required": [
@@ -574,7 +605,6 @@
"type": "object"
},
"DialogActionType": {
- "description": "The possible values of actions that the conversation can take.",
"enum": [
"CloseIntent",
"ConfirmIntent",
@@ -590,23 +620,18 @@
},
"DialogCodeHookInvocationSetting": {
"additionalProperties": false,
- "description": "Settings that specify the dialog code hook that is called by Amazon Lex at a step of the conversation.",
"properties": {
"EnableCodeHookInvocation": {
- "description": "Indicates whether a Lambda function should be invoked for the dialog.",
"type": "boolean"
},
"InvocationLabel": {
- "$ref": "#/definitions/Name",
- "description": "A label that indicates the dialog step from which the dialog code hook is happening."
+ "$ref": "#/definitions/Name"
},
"IsActive": {
- "description": "Determines whether a dialog code hook is used when the intent is activated.",
"type": "boolean"
},
"PostCodeHookSpecification": {
- "$ref": "#/definitions/PostDialogCodeHookInvocationSpecification",
- "description": "Contains the responses and actions that Amazon Lex takes after the Lambda function is complete."
+ "$ref": "#/definitions/PostDialogCodeHookInvocationSpecification"
}
},
"required": [
@@ -618,7 +643,6 @@
},
"DialogCodeHookSetting": {
"additionalProperties": false,
- "description": "Settings that determine the Lambda function that Amazon Lex uses for processing user responses.",
"properties": {
"Enabled": {
"type": "boolean"
@@ -631,18 +655,14 @@
},
"DialogState": {
"additionalProperties": false,
- "description": "The current state of the conversation with the user.",
"properties": {
"DialogAction": {
- "$ref": "#/definitions/DialogAction",
- "description": "Defines the action that the bot executes at runtime when the conversation reaches this step."
+ "$ref": "#/definitions/DialogAction"
},
"Intent": {
- "$ref": "#/definitions/IntentOverride",
- "description": "Override settings to configure the intent state."
+ "$ref": "#/definitions/IntentOverride"
},
"SessionAttributes": {
- "description": "List of session attributes to be applied when the conversation reaches this step.",
"insertionOrder": false,
"items": {
"$ref": "#/definitions/SessionAttribute"
@@ -654,15 +674,12 @@
},
"ElicitationCodeHookInvocationSetting": {
"additionalProperties": false,
- "description": "Settings that specify the dialog code hook that is called by Amazon Lex between eliciting slot values.",
"properties": {
"EnableCodeHookInvocation": {
- "description": "Indicates whether a Lambda function should be invoked for the dialog.",
"type": "boolean"
},
"InvocationLabel": {
- "$ref": "#/definitions/Name",
- "description": "A label that indicates the dialog step from which the dialog code hook is happening."
+ "$ref": "#/definitions/Name"
}
},
"required": [
@@ -672,7 +689,6 @@
},
"ExternalSourceSetting": {
"additionalProperties": false,
- "description": "Provides information about the external source of the slot type's definition.",
"properties": {
"GrammarSlotTypeSetting": {
"$ref": "#/definitions/GrammarSlotTypeSetting"
@@ -682,7 +698,6 @@
},
"FulfillmentCodeHookSetting": {
"additionalProperties": false,
- "description": "Settings that determine if a Lambda function should be invoked to fulfill a specific intent.",
"properties": {
"Enabled": {
"type": "boolean"
@@ -691,7 +706,6 @@
"$ref": "#/definitions/FulfillmentUpdatesSpecification"
},
"IsActive": {
- "description": "Determines whether the fulfillment code hook is used. When active is false, the code hook doesn't run.",
"type": "boolean"
},
"PostFulfillmentStatusSpecification": {
@@ -705,14 +719,11 @@
},
"FulfillmentStartResponseSpecification": {
"additionalProperties": false,
- "description": "Provides settings for a message that is sent to the user when a fulfillment Lambda function starts running.",
"properties": {
"AllowInterrupt": {
- "description": "Determines whether the user can interrupt the start message while it is playing.",
"type": "boolean"
},
"DelayInSeconds": {
- "description": "The delay between when the Lambda fulfillment function starts running and the start message is played. If the Lambda function returns before the delay is over, the start message isn't played.",
"maximum": 900,
"minimum": 1,
"type": "integer"
@@ -729,14 +740,11 @@
},
"FulfillmentUpdateResponseSpecification": {
"additionalProperties": false,
- "description": "Provides settings for a message that is sent periodically to the user while a fulfillment Lambda function is running.",
"properties": {
"AllowInterrupt": {
- "description": "Determines whether the user can interrupt an update message while it is playing.",
"type": "boolean"
},
"FrequencyInSeconds": {
- "description": "The frequency that a message is sent to the user. When the period ends, Amazon Lex chooses a message from the message groups and plays it to the user. If the fulfillment Lambda returns before the first period ends, an update message is not played to the user.",
"maximum": 900,
"minimum": 1,
"type": "integer"
@@ -753,17 +761,14 @@
},
"FulfillmentUpdatesSpecification": {
"additionalProperties": false,
- "description": "Provides information for updating the user on the progress of fulfilling an intent.",
"properties": {
"Active": {
- "description": "Determines whether fulfillment updates are sent to the user. When this field is true, updates are sent.",
"type": "boolean"
},
"StartResponse": {
"$ref": "#/definitions/FulfillmentStartResponseSpecification"
},
"TimeoutInSeconds": {
- "description": "The length of time that the fulfillment Lambda function should run before it times out.",
"maximum": 900,
"minimum": 1,
"type": "integer"
@@ -779,7 +784,6 @@
},
"GrammarSlotTypeSetting": {
"additionalProperties": false,
- "description": "Settings required for a slot type based on a grammar that you provide.",
"properties": {
"Source": {
"$ref": "#/definitions/GrammarSlotTypeSource"
@@ -789,22 +793,18 @@
},
"GrammarSlotTypeSource": {
"additionalProperties": false,
- "description": "Describes the Amazon S3 bucket name and location for the grammar that is the source for the slot type.",
"properties": {
"KmsKeyArn": {
- "description": "The Amazon KMS key required to decrypt the contents of the grammar, if any.",
"maxLength": 2048,
"minLength": 20,
"pattern": "^arn:[\\w\\-]+:kms:[\\w\\-]+:[\\d]{12}:(?:key\\/[\\w\\-]+|alias\\/[a-zA-Z0-9:\\/_\\-]{1,256})$",
"type": "string"
},
"S3BucketName": {
- "$ref": "#/definitions/S3BucketName",
- "description": "The name of the S3 bucket that contains the grammar source."
+ "$ref": "#/definitions/S3BucketName"
},
"S3ObjectKey": {
- "$ref": "#/definitions/S3ObjectKey",
- "description": "The path to the grammar in the S3 bucket."
+ "$ref": "#/definitions/S3ObjectKey"
}
},
"required": [
@@ -814,24 +814,20 @@
"type": "object"
},
"Id": {
- "description": "Unique ID of resource",
"maxLength": 10,
"minLength": 10,
"pattern": "^[0-9a-zA-Z]+$",
"type": "string"
},
"IdleSessionTTLInSeconds": {
- "description": "The time, in seconds, that Amazon Lex should keep information about a user's conversation with the bot.",
"maximum": 86400,
"minimum": 60,
"type": "integer"
},
"ImageResponseCard": {
"additionalProperties": false,
- "description": "A message that defines a response card that the client application can show to the user.",
"properties": {
"Buttons": {
- "description": "A list of buttons that should be displayed on the response card.",
"insertionOrder": false,
"items": {
"$ref": "#/definitions/Button"
@@ -840,16 +836,13 @@
"type": "array"
},
"ImageUrl": {
- "$ref": "#/definitions/AttachmentUrl",
- "description": "The URL of an image to display on the response card."
+ "$ref": "#/definitions/AttachmentUrl"
},
"Subtitle": {
- "$ref": "#/definitions/AttachmentTitle",
- "description": "The subtitle to display on the response card."
+ "$ref": "#/definitions/AttachmentTitle"
},
"Title": {
- "$ref": "#/definitions/AttachmentTitle",
- "description": "The title to display on the response card."
+ "$ref": "#/definitions/AttachmentTitle"
}
},
"required": [
@@ -859,34 +852,27 @@
},
"InitialResponseSetting": {
"additionalProperties": false,
- "description": "Configuration setting for a response sent to the user before Amazon Lex starts eliciting slots.",
"properties": {
"CodeHook": {
- "$ref": "#/definitions/DialogCodeHookInvocationSetting",
- "description": "Settings that specify the dialog code hook that is called by Amazon Lex at a step of the conversation."
+ "$ref": "#/definitions/DialogCodeHookInvocationSetting"
},
"Conditional": {
- "$ref": "#/definitions/ConditionalSpecification",
- "description": "Provides a list of conditional branches. Branches are evaluated in the order that they are entered in the list. The first branch with a condition that evaluates to true is executed. The last branch in the list is the default branch. The default branch should not have any condition expression. The default branch is executed if no other branch has a matching condition."
+ "$ref": "#/definitions/ConditionalSpecification"
},
"InitialResponse": {
- "$ref": "#/definitions/ResponseSpecification",
- "description": "Specifies a list of message groups that Amazon Lex uses to respond the user input."
+ "$ref": "#/definitions/ResponseSpecification"
},
"NextStep": {
- "$ref": "#/definitions/DialogState",
- "description": "The next step in the conversation."
+ "$ref": "#/definitions/DialogState"
}
},
"type": "object"
},
"InputContext": {
"additionalProperties": false,
- "description": "InputContext specified for the intent.",
"properties": {
"Name": {
- "$ref": "#/definitions/Name",
- "description": "The name of the context."
+ "$ref": "#/definitions/Name"
}
},
"required": [
@@ -895,7 +881,6 @@
"type": "object"
},
"InputContextsList": {
- "description": "The list of input contexts specified for the intent.",
"insertionOrder": false,
"items": {
"$ref": "#/definitions/InputContext"
@@ -905,8 +890,10 @@
},
"Intent": {
"additionalProperties": false,
- "description": "Represents an action that the user wants to perform.",
"properties": {
+ "BedrockAgentIntentConfiguration": {
+ "$ref": "#/definitions/BedrockAgentIntentConfiguration"
+ },
"Description": {
"$ref": "#/definitions/Description",
"description": "Description of thr intent."
@@ -918,8 +905,7 @@
"$ref": "#/definitions/FulfillmentCodeHookSetting"
},
"InitialResponseSetting": {
- "$ref": "#/definitions/InitialResponseSetting",
- "description": "Configuration setting for a response sent to the user before Amazon Lex starts eliciting slots."
+ "$ref": "#/definitions/InitialResponseSetting"
},
"InputContexts": {
"$ref": "#/definitions/InputContextsList"
@@ -934,8 +920,7 @@
"$ref": "#/definitions/KendraConfiguration"
},
"Name": {
- "$ref": "#/definitions/Name",
- "description": "The name of the intent."
+ "$ref": "#/definitions/Name"
},
"OutputContexts": {
"$ref": "#/definitions/OutputContextsList"
@@ -943,15 +928,19 @@
"ParentIntentSignature": {
"$ref": "#/definitions/ParentIntentSignature"
},
+ "QInConnectIntentConfiguration": {
+ "$ref": "#/definitions/QInConnectIntentConfiguration"
+ },
+ "QnAIntentConfiguration": {
+ "$ref": "#/definitions/QnAIntentConfiguration"
+ },
"SampleUtterances": {
- "$ref": "#/definitions/SampleUtterancesList",
- "description": "A sample utterance that invokes an intent or respond to a slot elicitation prompt."
+ "$ref": "#/definitions/SampleUtterancesList"
},
"SlotPriorities": {
"$ref": "#/definitions/SlotPrioritiesList"
},
"Slots": {
- "description": "List of slots",
"insertionOrder": false,
"items": {
"$ref": "#/definitions/Slot"
@@ -968,82 +957,63 @@
},
"IntentClosingSetting": {
"additionalProperties": false,
- "description": "Provides a statement the Amazon Lex conveys to the user when the intent is successfully fulfilled.",
"properties": {
"ClosingResponse": {
- "$ref": "#/definitions/ResponseSpecification",
- "description": "The response that Amazon Lex sends to the user when the intent is complete."
+ "$ref": "#/definitions/ResponseSpecification"
},
"Conditional": {
- "$ref": "#/definitions/ConditionalSpecification",
- "description": "A list of conditional branches associated with the intent's closing response. These branches are executed when the nextStep attribute is set to EvalutateConditional."
+ "$ref": "#/definitions/ConditionalSpecification"
},
"IsActive": {
- "description": "Specifies whether an intent's closing response is used. When this field is false, the closing response isn't sent to the user. If the active field isn't specified, the default is true.",
"type": "boolean"
},
"NextStep": {
- "$ref": "#/definitions/DialogState",
- "description": "Specifies the next step that the bot executes after playing the intent's closing response."
+ "$ref": "#/definitions/DialogState"
}
},
"type": "object"
},
"IntentConfirmationSetting": {
"additionalProperties": false,
- "description": "Provides a prompt for making sure that the user is ready for the intent to be fulfilled.",
"properties": {
"CodeHook": {
- "$ref": "#/definitions/DialogCodeHookInvocationSetting",
- "description": "The DialogCodeHookInvocationSetting object associated with intent's confirmation step. The dialog code hook is triggered based on these invocation settings when the confirmation next step or declination next step or failure next step is InvokeDialogCodeHook."
+ "$ref": "#/definitions/DialogCodeHookInvocationSetting"
},
"ConfirmationConditional": {
- "$ref": "#/definitions/ConditionalSpecification",
- "description": "A list of conditional branches to evaluate after the intent is closed."
+ "$ref": "#/definitions/ConditionalSpecification"
},
"ConfirmationNextStep": {
- "$ref": "#/definitions/DialogState",
- "description": "Specifies the next step that the bot executes when the customer confirms the intent."
+ "$ref": "#/definitions/DialogState"
},
"ConfirmationResponse": {
- "$ref": "#/definitions/ResponseSpecification",
- "description": "Specifies a list of message groups that Amazon Lex uses to respond the user input."
+ "$ref": "#/definitions/ResponseSpecification"
},
"DeclinationConditional": {
- "$ref": "#/definitions/ConditionalSpecification",
- "description": "A list of conditional branches to evaluate after the intent is declined."
+ "$ref": "#/definitions/ConditionalSpecification"
},
"DeclinationNextStep": {
- "$ref": "#/definitions/DialogState",
- "description": "Specifies the next step that the bot executes when the customer declines the intent."
+ "$ref": "#/definitions/DialogState"
},
"DeclinationResponse": {
- "$ref": "#/definitions/ResponseSpecification",
- "description": "When the user answers \"no\" to the question defined in promptSpecification, Amazon Lex responds with this response to acknowledge that the intent was canceled."
+ "$ref": "#/definitions/ResponseSpecification"
},
"ElicitationCodeHook": {
- "$ref": "#/definitions/ElicitationCodeHookInvocationSetting",
- "description": "The DialogCodeHookInvocationSetting used when the code hook is invoked during confirmation prompt retries."
+ "$ref": "#/definitions/ElicitationCodeHookInvocationSetting"
},
"FailureConditional": {
- "$ref": "#/definitions/ConditionalSpecification",
- "description": "Provides a list of conditional branches. Branches are evaluated in the order that they are entered in the list. The first branch with a condition that evaluates to true is executed. The last branch in the list is the default branch. The default branch should not have any condition expression. The default branch is executed if no other branch has a matching condition."
+ "$ref": "#/definitions/ConditionalSpecification"
},
"FailureNextStep": {
- "$ref": "#/definitions/DialogState",
- "description": "The next step to take in the conversation if the confirmation step fails."
+ "$ref": "#/definitions/DialogState"
},
"FailureResponse": {
- "$ref": "#/definitions/ResponseSpecification",
- "description": "Specifies a list of message groups that Amazon Lex uses to respond the user input."
+ "$ref": "#/definitions/ResponseSpecification"
},
"IsActive": {
- "description": "Specifies whether the intent's confirmation is sent to the user. When this field is false, confirmation and declination responses aren't sent. If the active field isn't specified, the default is true.",
"type": "boolean"
},
"PromptSpecification": {
- "$ref": "#/definitions/PromptSpecification",
- "description": "Prompts the user to confirm the intent. This question should have a yes or no answer."
+ "$ref": "#/definitions/PromptSpecification"
}
},
"required": [
@@ -1053,14 +1023,11 @@
},
"IntentOverride": {
"additionalProperties": false,
- "description": "Override settings to configure the intent state.",
"properties": {
"Name": {
- "$ref": "#/definitions/Name",
- "description": "The name of the intent. Only required when you're switching intents."
+ "$ref": "#/definitions/Name"
},
"Slots": {
- "description": "A map of all of the slot value overrides for the intent.",
"insertionOrder": false,
"items": {
"$ref": "#/definitions/SlotValueOverrideMap"
@@ -1072,7 +1039,6 @@
},
"KendraConfiguration": {
"additionalProperties": false,
- "description": "Configuration for searching a Amazon Kendra index specified for the intent.",
"properties": {
"KendraIndex": {
"$ref": "#/definitions/KendraIndexArn"
@@ -1081,7 +1047,6 @@
"$ref": "#/definitions/QueryFilterString"
},
"QueryFilterStringEnabled": {
- "description": "Determines whether the AMAZON.KendraSearchIntent intent uses a custom query string to query the Amazon Kendra index.",
"type": "boolean"
}
},
@@ -1091,7 +1056,6 @@
"type": "object"
},
"KendraIndexArn": {
- "description": "The Amazon Resource Name (ARN) of the Amazon Kendra index that you want the AMAZON.KendraSearchIntent intent to search.",
"maxLength": 2048,
"minLength": 32,
"pattern": "^arn:aws[a-zA-Z-]*:kendra:[a-z]+-[a-z]+-[0-9]:[0-9]{12}:index/[a-zA-Z0-9][a-zA-Z0-9_-]*$",
@@ -1099,16 +1063,13 @@
},
"LambdaCodeHook": {
"additionalProperties": false,
- "description": "Contains information about code hooks that Amazon Lex calls during a conversation.",
"properties": {
"CodeHookInterfaceVersion": {
- "description": "The version of the request-response that you want Amazon Lex to use to invoke your Lambda function.",
"maxLength": 5,
"minLength": 1,
"type": "string"
},
"LambdaArn": {
- "description": "The Amazon Resource Name (ARN) of the Lambda function.",
"maxLength": 2048,
"minLength": 20,
"type": "string"
@@ -1121,12 +1082,10 @@
"type": "object"
},
"LocaleId": {
- "description": "The identifier of the language and locale that the bot will be used in.",
"type": "string"
},
"Message": {
"additionalProperties": false,
- "description": "The primary message that Amazon Lex should send to the user.",
"properties": {
"CustomPayload": {
"$ref": "#/definitions/CustomPayload"
@@ -1146,13 +1105,11 @@
},
"MessageGroup": {
"additionalProperties": false,
- "description": "One or more messages that Amazon Lex can send to the user.",
"properties": {
"Message": {
"$ref": "#/definitions/Message"
},
"Variations": {
- "description": "Message variations to send to the user.",
"insertionOrder": false,
"items": {
"$ref": "#/definitions/Message"
@@ -1167,7 +1124,6 @@
"type": "object"
},
"MessageGroupsList": {
- "description": "One to 5 message groups that contain update messages. Amazon Lex chooses one of the messages to play to the user.",
"insertionOrder": false,
"items": {
"$ref": "#/definitions/MessageGroup"
@@ -1177,7 +1133,6 @@
"type": "array"
},
"MessageSelectionStrategy": {
- "description": "Indicates how a message is selected from a message group among retries.",
"enum": [
"Random",
"Ordered"
@@ -1186,7 +1141,6 @@
},
"MultipleValuesSetting": {
"additionalProperties": false,
- "description": "Indicates whether a slot can return multiple values.",
"properties": {
"AllowMultipleValues": {
"type": "boolean"
@@ -1196,7 +1150,6 @@
"type": "object"
},
"Name": {
- "description": "Unique name for a resource.",
"maxLength": 100,
"minLength": 1,
"pattern": "^([0-9a-zA-Z][_-]?)+$",
@@ -1204,10 +1157,8 @@
},
"ObfuscationSetting": {
"additionalProperties": false,
- "description": "Determines whether Amazon Lex obscures slot values in conversation logs.",
"properties": {
"ObfuscationSettingType": {
- "description": "Value that determines whether Amazon Lex obscures slot values in conversation logs. The default is to obscure the values.",
"enum": [
"None",
"DefaultObfuscation"
@@ -1222,7 +1173,6 @@
},
"OutputContext": {
"additionalProperties": false,
- "description": "A session context that is activated when an intent is fulfilled.",
"properties": {
"Name": {
"$ref": "#/definitions/Name"
@@ -1242,7 +1192,6 @@
"type": "object"
},
"OutputContextsList": {
- "description": "A list of contexts that the intent activates when it is fulfilled.",
"insertionOrder": false,
"items": {
"$ref": "#/definitions/OutputContext"
@@ -1251,19 +1200,15 @@
"type": "array"
},
"ParentIntentSignature": {
- "description": "A unique identifier for the built-in intent to base this intent on.",
"type": "string"
},
"ParentSlotTypeSignature": {
- "description": "The built-in slot type used as a parent of this slot type.",
"type": "string"
},
"PlainTextMessage": {
"additionalProperties": false,
- "description": "A message in plain text format.",
"properties": {
"Value": {
- "description": "The message to send to the user.",
"maxLength": 1000,
"minLength": 1,
"type": "string"
@@ -1276,103 +1221,80 @@
},
"PostDialogCodeHookInvocationSpecification": {
"additionalProperties": false,
- "description": "Specifies next steps to run after the dialog code hook finishes.",
"properties": {
"FailureConditional": {
- "$ref": "#/definitions/ConditionalSpecification",
- "description": "A list of conditional branches to evaluate after the dialog code hook throws an exception or returns with the State field of the Intent object set to Failed."
+ "$ref": "#/definitions/ConditionalSpecification"
},
"FailureNextStep": {
- "$ref": "#/definitions/DialogState",
- "description": "Specifies the next step the bot runs after the dialog code hook throws an exception or returns with the State field of the Intent object set to Failed."
+ "$ref": "#/definitions/DialogState"
},
"FailureResponse": {
- "$ref": "#/definitions/ResponseSpecification",
- "description": "Specifies a list of message groups that Amazon Lex uses to respond the user input."
+ "$ref": "#/definitions/ResponseSpecification"
},
"SuccessConditional": {
- "$ref": "#/definitions/ConditionalSpecification",
- "description": "A list of conditional branches to evaluate after the dialog code hook finishes successfully."
+ "$ref": "#/definitions/ConditionalSpecification"
},
"SuccessNextStep": {
- "$ref": "#/definitions/DialogState",
- "description": "Specifics the next step the bot runs after the dialog code hook finishes successfully."
+ "$ref": "#/definitions/DialogState"
},
"SuccessResponse": {
- "$ref": "#/definitions/ResponseSpecification",
- "description": "Specifies a list of message groups that Amazon Lex uses to respond the user input."
+ "$ref": "#/definitions/ResponseSpecification"
},
"TimeoutConditional": {
- "$ref": "#/definitions/ConditionalSpecification",
- "description": "A list of conditional branches to evaluate if the code hook times out."
+ "$ref": "#/definitions/ConditionalSpecification"
},
"TimeoutNextStep": {
- "$ref": "#/definitions/DialogState",
- "description": "Specifies the next step that the bot runs when the code hook times out."
+ "$ref": "#/definitions/DialogState"
},
"TimeoutResponse": {
- "$ref": "#/definitions/ResponseSpecification",
- "description": "Specifies a list of message groups that Amazon Lex uses to respond the user input."
+ "$ref": "#/definitions/ResponseSpecification"
}
},
"type": "object"
},
"PostFulfillmentStatusSpecification": {
"additionalProperties": false,
- "description": "Provides a setting that determines whether the post-fulfillment response is sent to the user.",
"properties": {
"FailureConditional": {
- "$ref": "#/definitions/ConditionalSpecification",
- "description": "A list of conditional branches to evaluate after the fulfillment code hook throws an exception or returns with the State field of the Intent object set to Failed."
+ "$ref": "#/definitions/ConditionalSpecification"
},
"FailureNextStep": {
- "$ref": "#/definitions/DialogState",
- "description": "Specifies the next step the bot runs after the fulfillment code hook throws an exception or returns with the State field of the Intent object set to Failed."
+ "$ref": "#/definitions/DialogState"
},
"FailureResponse": {
- "$ref": "#/definitions/ResponseSpecification",
- "description": "Specifies a list of message groups that Amazon Lex uses to respond the user input."
+ "$ref": "#/definitions/ResponseSpecification"
},
"SuccessConditional": {
- "$ref": "#/definitions/ConditionalSpecification",
- "description": "A list of conditional branches to evaluate after the fulfillment code hook finishes successfully."
+ "$ref": "#/definitions/ConditionalSpecification"
},
"SuccessNextStep": {
- "$ref": "#/definitions/DialogState",
- "description": "Specifies the next step in the conversation that Amazon Lex invokes when the fulfillment code hook completes successfully."
+ "$ref": "#/definitions/DialogState"
},
"SuccessResponse": {
- "$ref": "#/definitions/ResponseSpecification",
- "description": "Specifies a list of message groups that Amazon Lex uses to respond the user input."
+ "$ref": "#/definitions/ResponseSpecification"
},
"TimeoutConditional": {
- "$ref": "#/definitions/ConditionalSpecification",
- "description": "A list of conditional branches to evaluate if the fulfillment code hook times out."
+ "$ref": "#/definitions/ConditionalSpecification"
},
"TimeoutNextStep": {
- "$ref": "#/definitions/DialogState",
- "description": "Specifies the next step that the bot runs when the fulfillment code hook times out."
+ "$ref": "#/definitions/DialogState"
},
"TimeoutResponse": {
- "$ref": "#/definitions/ResponseSpecification",
- "description": "Specifies a list of message groups that Amazon Lex uses to respond the user input."
+ "$ref": "#/definitions/ResponseSpecification"
}
},
"required": [],
"type": "object"
},
"PriorityValue": {
- "description": "The priority that a slot should be elicited.",
"maximum": 100,
"minimum": 0,
"type": "integer"
},
"PromptAttemptSpecification": {
"additionalProperties": false,
- "description": "Specifies the settings on a prompt attempt.",
"properties": {
"AllowInterrupt": {
- "description": "Indicates whether the user can interrupt a speech prompt attempt from the bot.",
"type": "boolean"
},
"AllowedInputTypes": {
@@ -1391,17 +1313,14 @@
"type": "object"
},
"PromptMaxRetries": {
- "description": "The maximum number of times the bot tries to elicit a response from the user using this prompt.",
"maximum": 5,
"minimum": 0,
"type": "integer"
},
"PromptSpecification": {
"additionalProperties": false,
- "description": "Prompts the user to confirm the intent.",
"properties": {
"AllowInterrupt": {
- "description": "Indicates whether the user can interrupt a speech prompt from the bot.",
"type": "boolean"
},
"MaxRetries": {
@@ -1415,7 +1334,6 @@
},
"PromptAttemptsSpecification": {
"additionalProperties": false,
- "description": "Specifies the advanced settings on each attempt of the prompt.",
"patternProperties": {
"^(Initial|Retry1|Retry2|Retry3|Retry4|Retry5)$": {
"$ref": "#/definitions/PromptAttemptSpecification"
@@ -1430,18 +1348,179 @@
],
"type": "object"
},
+ "QInConnectIntentConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "QInConnectAssistantConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "AssistantArn": {
+ "maxLength": 200,
+ "minLength": 1,
+ "pattern": "^arn:[a-z-]*?:wisdom:[a-z0-9-]*?:[0-9]{12}:[a-z-]*?/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}(?:/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}){0,2}$",
+ "type": "string"
+ }
+ },
+ "required": [
+ "AssistantArn"
+ ],
+ "type": "object"
+ }
+ },
+ "type": "object"
+ },
+ "QnAIntentConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "BedrockModelConfiguration": {
+ "$ref": "#/definitions/BedrockModelSpecification"
+ },
+ "DataSourceConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "BedrockKnowledgeStoreConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "BKBExactResponseFields": {
+ "additionalProperties": false,
+ "properties": {
+ "AnswerField": {
+ "maxLength": 5000,
+ "minLength": 1,
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "BedrockKnowledgeBaseArn": {
+ "maxLength": 5000,
+ "minLength": 1,
+ "type": "string"
+ },
+ "ExactResponse": {
+ "type": "boolean"
+ }
+ },
+ "type": "object"
+ },
+ "KendraConfiguration": {
+ "$ref": "#/definitions/QnAKendraConfiguration"
+ },
+ "OpensearchConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "DomainEndpoint": {
+ "maxLength": 5000,
+ "minLength": 1,
+ "type": "string"
+ },
+ "ExactResponse": {
+ "type": "boolean"
+ },
+ "ExactResponseFields": {
+ "additionalProperties": false,
+ "properties": {
+ "AnswerField": {
+ "maxLength": 5000,
+ "minLength": 1,
+ "type": "string"
+ },
+ "QuestionField": {
+ "maxLength": 5000,
+ "minLength": 1,
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "IncludeFields": {
+ "insertionOrder": false,
+ "items": {
+ "maxLength": 5000,
+ "minLength": 1,
+ "type": "string"
+ },
+ "type": "array"
+ },
+ "IndexName": {
+ "maxLength": 5000,
+ "minLength": 1,
+ "type": "string"
+ }
+ },
+ "type": "object"
+ }
+ },
+ "type": "object"
+ }
+ },
+ "required": [
+ "DataSourceConfiguration",
+ "BedrockModelConfiguration"
+ ],
+ "type": "object"
+ },
+ "QnAKendraConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "ExactResponse": {
+ "type": "boolean"
+ },
+ "KendraIndex": {
+ "maxLength": 5000,
+ "minLength": 1,
+ "type": "string"
+ },
+ "QueryFilterString": {
+ "maxLength": 5000,
+ "minLength": 1,
+ "type": "string"
+ },
+ "QueryFilterStringEnabled": {
+ "type": "boolean"
+ }
+ },
+ "required": [
+ "KendraIndex",
+ "QueryFilterStringEnabled",
+ "ExactResponse"
+ ],
+ "type": "object"
+ },
"QueryFilterString": {
- "description": "A query filter that Amazon Lex sends to Amazon Kendra to filter the response from a query.",
"maxLength": 5000,
"minLength": 1,
"type": "string"
},
+ "ReplicaRegion": {
+ "description": "The secondary region that will be used in the replication of the source bot.",
+ "maxLength": 25,
+ "minLength": 2,
+ "type": "string"
+ },
+ "Replication": {
+ "additionalProperties": false,
+ "properties": {
+ "ReplicaRegions": {
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/ReplicaRegion"
+ },
+ "maxItems": 1,
+ "minItems": 1,
+ "type": "array",
+ "uniqueItems": true
+ }
+ },
+ "required": [
+ "ReplicaRegions"
+ ],
+ "type": "object"
+ },
"ResponseSpecification": {
"additionalProperties": false,
- "description": "A list of message groups that Amazon Lex uses to respond the user input.",
"properties": {
"AllowInterrupt": {
- "description": "Indicates whether the user can interrupt a speech prompt from the bot.",
"type": "boolean"
},
"MessageGroupsList": {
@@ -1454,7 +1533,6 @@
"type": "object"
},
"RoleArn": {
- "description": "The Amazon Resource Name (ARN) of an IAM role that has permission to access the bot.",
"maxLength": 2048,
"minLength": 32,
"pattern": "^arn:aws[a-zA-Z-]*:iam::[0-9]{12}:role/.*$",
@@ -1462,23 +1540,19 @@
},
"S3BucketLogDestination": {
"additionalProperties": false,
- "description": "Specifies an Amazon S3 bucket for logging audio conversations",
"properties": {
"KmsKeyArn": {
- "description": "The Amazon Resource Name (ARN) of an AWS Key Management Service (KMS) key for encrypting audio log files stored in an S3 bucket.",
"maxLength": 2048,
"minLength": 20,
"pattern": "^arn:[\\w\\-]+:kms:[\\w\\-]+:[\\d]{12}:(?:key\\/[\\w\\-]+|alias\\/[a-zA-Z0-9:\\/_\\-]{1,256})$",
"type": "string"
},
"LogPrefix": {
- "description": "The Amazon S3 key of the deployment package.",
"maxLength": 1024,
"minLength": 0,
"type": "string"
},
"S3BucketArn": {
- "description": "The Amazon Resource Name (ARN) of an Amazon S3 bucket where audio log files are stored.",
"maxLength": 2048,
"minLength": 1,
"pattern": "^arn:[\\w\\-]+:s3:::[a-z0-9][\\.\\-a-z0-9]{1,61}[a-z0-9]$",
@@ -1499,18 +1573,14 @@
},
"S3Location": {
"additionalProperties": false,
- "description": "S3 location of bot definitions zip file, if it's not defined inline in CloudFormation.",
"properties": {
"S3Bucket": {
- "$ref": "#/definitions/S3BucketName",
- "description": "An Amazon S3 bucket in the same AWS Region as your function. The bucket can be in a different AWS account."
+ "$ref": "#/definitions/S3BucketName"
},
"S3ObjectKey": {
- "$ref": "#/definitions/S3ObjectKey",
- "description": "The Amazon S3 key of the deployment package."
+ "$ref": "#/definitions/S3ObjectKey"
},
"S3ObjectVersion": {
- "description": "For versioned objects, the version of the deployment package object to use. If not specified, the current object version will be used.",
"maxLength": 1024,
"minLength": 1,
"type": "string"
@@ -1530,10 +1600,8 @@
},
"SSMLMessage": {
"additionalProperties": false,
- "description": "A message in Speech Synthesis Markup Language (SSML).",
"properties": {
"Value": {
- "description": "The SSML text that defines the prompt.",
"maxLength": 1000,
"minLength": 1,
"type": "string"
@@ -1546,7 +1614,6 @@
},
"SampleUtterance": {
"additionalProperties": false,
- "description": "A sample utterance that invokes an intent or respond to a slot elicitation prompt.",
"properties": {
"Utterance": {
"$ref": "#/definitions/Utterance"
@@ -1558,7 +1625,6 @@
"type": "object"
},
"SampleUtterancesList": {
- "description": "An array of sample utterances",
"insertionOrder": false,
"items": {
"$ref": "#/definitions/SampleUtterance"
@@ -1567,10 +1633,8 @@
},
"SampleValue": {
"additionalProperties": false,
- "description": "Defines one of the values for a slot type.",
"properties": {
"Value": {
- "description": "The value that can be used for a slot type.",
"maxLength": 140,
"minLength": 1,
"type": "string"
@@ -1583,7 +1647,6 @@
},
"SessionAttribute": {
"additionalProperties": false,
- "description": "Key/value pair representing session-specific context information. It contains application information passed between Amazon Lex and a client application.",
"properties": {
"Key": {
"maxLength": 1024,
@@ -1603,7 +1666,6 @@
},
"Slot": {
"additionalProperties": false,
- "description": "A slot is a variable needed to fulfill an intent, where an intent can require zero or more slots.",
"properties": {
"Description": {
"$ref": "#/definitions/Description"
@@ -1633,39 +1695,30 @@
},
"SlotCaptureSetting": {
"additionalProperties": false,
- "description": "Settings used when Amazon Lex successfully captures a slot value from a user.",
"properties": {
"CaptureConditional": {
- "$ref": "#/definitions/ConditionalSpecification",
- "description": "A list of conditional branches to evaluate after the slot value is captured."
+ "$ref": "#/definitions/ConditionalSpecification"
},
"CaptureNextStep": {
- "$ref": "#/definitions/DialogState",
- "description": "Specifies the next step that the bot runs when the slot value is captured before the code hook times out."
+ "$ref": "#/definitions/DialogState"
},
"CaptureResponse": {
- "$ref": "#/definitions/ResponseSpecification",
- "description": "Specifies a list of message groups that Amazon Lex uses to respond the user input."
+ "$ref": "#/definitions/ResponseSpecification"
},
"CodeHook": {
- "$ref": "#/definitions/DialogCodeHookInvocationSetting",
- "description": "Code hook called after Amazon Lex successfully captures a slot value."
+ "$ref": "#/definitions/DialogCodeHookInvocationSetting"
},
"ElicitationCodeHook": {
- "$ref": "#/definitions/ElicitationCodeHookInvocationSetting",
- "description": "Code hook called when Amazon Lex doesn't capture a slot value."
+ "$ref": "#/definitions/ElicitationCodeHookInvocationSetting"
},
"FailureConditional": {
- "$ref": "#/definitions/ConditionalSpecification",
- "description": "A list of conditional branches to evaluate when the slot value isn't captured."
+ "$ref": "#/definitions/ConditionalSpecification"
},
"FailureNextStep": {
- "$ref": "#/definitions/DialogState",
- "description": "Specifies the next step that the bot runs when the slot value code is not recognized."
+ "$ref": "#/definitions/DialogState"
},
"FailureResponse": {
- "$ref": "#/definitions/ResponseSpecification",
- "description": "Specifies a list of message groups that Amazon Lex uses to respond the user input."
+ "$ref": "#/definitions/ResponseSpecification"
}
},
"type": "object"
@@ -1679,10 +1732,8 @@
},
"SlotDefaultValue": {
"additionalProperties": false,
- "description": "The default value to use when a user doesn't provide a value for a slot.",
"properties": {
"DefaultValue": {
- "description": "The default value to use when a user doesn't provide a value for a slot.",
"maxLength": 202,
"minLength": 1,
"type": "string"
@@ -1695,10 +1746,8 @@
},
"SlotDefaultValueSpecification": {
"additionalProperties": false,
- "description": "A list of values that Amazon Lex should use as the default value for a slot.",
"properties": {
"DefaultValueList": {
- "description": "A list of slot default values",
"insertionOrder": false,
"items": {
"$ref": "#/definitions/SlotDefaultValue"
@@ -1713,7 +1762,6 @@
"type": "object"
},
"SlotPrioritiesList": {
- "description": "List for slot priorities",
"insertionOrder": false,
"items": {
"$ref": "#/definitions/SlotPriority"
@@ -1722,14 +1770,12 @@
},
"SlotPriority": {
"additionalProperties": false,
- "description": "The priority that Amazon Lex should use when eliciting slot values from a user.",
"properties": {
"Priority": {
"$ref": "#/definitions/PriorityValue"
},
"SlotName": {
- "$ref": "#/definitions/Name",
- "description": "The name of the slot."
+ "$ref": "#/definitions/Name"
}
},
"required": [
@@ -1739,7 +1785,6 @@
"type": "object"
},
"SlotShape": {
- "description": "The different shapes that a slot can be in during a conversation.",
"enum": [
"Scalar",
"List"
@@ -1748,8 +1793,10 @@
},
"SlotType": {
"additionalProperties": false,
- "description": "A custom, extended built-in or a grammar slot type.",
"properties": {
+ "CompositeSlotTypeSetting": {
+ "$ref": "#/definitions/CompositeSlotTypeSetting"
+ },
"Description": {
"$ref": "#/definitions/Description"
},
@@ -1775,12 +1822,10 @@
"type": "object"
},
"SlotTypeName": {
- "description": "The slot type name that is used in the slot. Allows for custom and built-in slot type names",
"type": "string"
},
"SlotTypeValue": {
"additionalProperties": false,
- "description": "Value that the slot type can take.",
"properties": {
"SampleValue": {
"$ref": "#/definitions/SampleValue"
@@ -1795,7 +1840,6 @@
"type": "object"
},
"SlotTypeValues": {
- "description": "A List of slot type values",
"insertionOrder": false,
"items": {
"$ref": "#/definitions/SlotTypeValue"
@@ -1805,10 +1849,8 @@
},
"SlotValue": {
"additionalProperties": false,
- "description": "The value to set in a slot.",
"properties": {
"InterpretedValue": {
- "description": "The value that Amazon Lex determines for the slot.",
"maxLength": 202,
"minLength": 1,
"type": "string"
@@ -1818,31 +1860,24 @@
},
"SlotValueElicitationSetting": {
"additionalProperties": false,
- "description": "Settings that you can use for eliciting a slot value.",
"properties": {
"DefaultValueSpecification": {
- "$ref": "#/definitions/SlotDefaultValueSpecification",
- "description": "A list of default values for a slot."
+ "$ref": "#/definitions/SlotDefaultValueSpecification"
},
"PromptSpecification": {
- "$ref": "#/definitions/PromptSpecification",
- "description": "The prompt that Amazon Lex uses to elicit the slot value from the user."
+ "$ref": "#/definitions/PromptSpecification"
},
"SampleUtterances": {
- "$ref": "#/definitions/SampleUtterancesList",
- "description": "If you know a specific pattern that users might respond to an Amazon Lex request for a slot value, you can provide those utterances to improve accuracy."
+ "$ref": "#/definitions/SampleUtterancesList"
},
"SlotCaptureSetting": {
- "$ref": "#/definitions/SlotCaptureSetting",
- "description": "Specifies the next stage in the conversation after capturing the slot."
+ "$ref": "#/definitions/SlotCaptureSetting"
},
"SlotConstraint": {
- "$ref": "#/definitions/SlotConstraint",
- "description": "Specifies whether the slot is required or optional."
+ "$ref": "#/definitions/SlotConstraint"
},
"WaitAndContinueSpecification": {
- "$ref": "#/definitions/WaitAndContinueSpecification",
- "description": "Specifies the prompts that Amazon Lex uses while a bot is waiting for customer input."
+ "$ref": "#/definitions/WaitAndContinueSpecification"
}
},
"required": [
@@ -1852,26 +1887,21 @@
},
"SlotValueOverride": {
"additionalProperties": false,
- "description": "The slot values that Amazon Lex uses when it sets slot values in a dialog step.",
"properties": {
"Shape": {
- "$ref": "#/definitions/SlotShape",
- "description": "When the shape value is List, it indicates that the values field contains a list of slot values. When the value is Scalar, it indicates that the value field contains a single value."
+ "$ref": "#/definitions/SlotShape"
},
"Value": {
- "$ref": "#/definitions/SlotValue",
- "description": "The current value of the slot."
+ "$ref": "#/definitions/SlotValue"
},
"Values": {
- "$ref": "#/definitions/SlotValues",
- "description": "A list of one or more values that the user provided for the slot. For example, for a slot that elicits pizza toppings, the values might be \"pepperoni\" and \"pineapple.\""
+ "$ref": "#/definitions/SlotValues"
}
},
"type": "object"
},
"SlotValueOverrideMap": {
"additionalProperties": false,
- "description": "A map of slot names and their overridden values.",
"properties": {
"SlotName": {
"$ref": "#/definitions/Name"
@@ -1884,10 +1914,8 @@
},
"SlotValueRegexFilter": {
"additionalProperties": false,
- "description": "A regular expression used to validate the value of a slot.",
"properties": {
"Pattern": {
- "description": "Regex pattern",
"maxLength": 300,
"minLength": 1,
"type": "string"
@@ -1901,13 +1929,13 @@
"SlotValueResolutionStrategy": {
"enum": [
"ORIGINAL_VALUE",
- "TOP_RESOLUTION"
+ "TOP_RESOLUTION",
+ "CONCATENATION"
],
"type": "string"
},
"SlotValueSelectionSetting": {
"additionalProperties": false,
- "description": "Contains settings used by Amazon Lex to select a slot value.",
"properties": {
"AdvancedRecognitionSetting": {
"$ref": "#/definitions/AdvancedRecognitionSetting"
@@ -1925,24 +1953,21 @@
"type": "object"
},
"SlotValues": {
- "description": "An array of values that slots should be set to",
+ "insertionOrder": false,
"items": {
"$ref": "#/definitions/SlotValueOverride"
},
"type": "array"
},
"StillWaitingResponseFrequency": {
- "description": "How often a message should be sent to the user in seconds.",
"maximum": 300,
"minimum": 1,
"type": "integer"
},
"StillWaitingResponseSpecification": {
"additionalProperties": false,
- "description": "StillWaitingResponseSpecification.",
"properties": {
"AllowInterrupt": {
- "description": "Indicates whether the user can interrupt a speech prompt from the bot.",
"type": "boolean"
},
"FrequencyInSeconds": {
@@ -1963,13 +1988,33 @@
"type": "object"
},
"StillWaitingResponseTimeout": {
- "description": "If Amazon Lex waits longer than this length of time in seconds for a response, it will stop sending messages.",
"maximum": 900,
"minimum": 1,
"type": "integer"
},
+ "SubSlotTypeComposition": {
+ "additionalProperties": false,
+ "properties": {
+ "Name": {
+ "maxLength": 100,
+ "minLength": 1,
+ "pattern": "^([0-9a-zA-Z][_-]?){1,100}$",
+ "type": "string"
+ },
+ "SlotTypeId": {
+ "maxLength": 25,
+ "minLength": 1,
+ "pattern": "^((AMAZON\\.)[a-zA-Z_]+?|[0-9a-zA-Z]+)$",
+ "type": "string"
+ }
+ },
+ "required": [
+ "Name",
+ "SlotTypeId"
+ ],
+ "type": "object"
+ },
"SynonymList": {
- "description": "Additional values related to the slot type entry.",
"insertionOrder": false,
"items": {
"$ref": "#/definitions/SampleValue"
@@ -1979,16 +2024,13 @@
},
"Tag": {
"additionalProperties": false,
- "description": "A key-value pair for tagging Lex resources",
"properties": {
"Key": {
- "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.",
"maxLength": 128,
"minLength": 1,
"type": "string"
},
"Value": {
- "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.",
"maxLength": 256,
"minLength": 0,
"type": "string"
@@ -2002,7 +2044,6 @@
},
"TestBotAliasSettings": {
"additionalProperties": false,
- "description": "Configuring the test bot alias settings for a given bot",
"properties": {
"BotAliasLocaleSettings": {
"$ref": "#/definitions/BotAliasLocaleSettingsList"
@@ -2015,10 +2056,8 @@
},
"SentimentAnalysisSettings": {
"additionalProperties": false,
- "description": "Determines whether Amazon Lex will use Amazon Comprehend to detect the sentiment of user utterances.",
"properties": {
"DetectSentiment": {
- "description": "Enable to call Amazon Comprehend for Sentiment natively within Lex",
"type": "boolean"
}
},
@@ -2032,10 +2071,8 @@
},
"TextInputSpecification": {
"additionalProperties": false,
- "description": "Specifies the text input specifications.",
"properties": {
"StartTimeoutMs": {
- "description": "Time for which a bot waits before re-prompting a customer for text input.",
"minimum": 1,
"type": "integer"
}
@@ -2047,7 +2084,6 @@
},
"TextLogDestination": {
"additionalProperties": false,
- "description": "Defines the Amazon CloudWatch Logs destination log group for conversation text logs.",
"properties": {
"CloudWatch": {
"$ref": "#/definitions/CloudWatchLogGroupLogDestination"
@@ -2060,13 +2096,11 @@
},
"TextLogSetting": {
"additionalProperties": false,
- "description": "Contains information about code hooks that Amazon Lex calls during a conversation.",
"properties": {
"Destination": {
"$ref": "#/definitions/TextLogDestination"
},
"Enabled": {
- "description": "",
"type": "boolean"
}
},
@@ -2077,7 +2111,6 @@
"type": "object"
},
"TextLogSettings": {
- "description": "List of text log settings that pertain to the conversation log settings for the bot's TestBotAlias",
"insertionOrder": false,
"items": {
"$ref": "#/definitions/TextLogSetting"
@@ -2087,23 +2120,21 @@
"uniqueItems": true
},
"Utterance": {
- "description": "The sample utterance that Amazon Lex uses to build its machine-learning model to recognize intents/slots.",
"type": "string"
},
"VoiceSettings": {
"additionalProperties": false,
- "description": "Settings for using an Amazon Polly voice to communicate with a user.",
"properties": {
"Engine": {
- "description": "Indicates the type of Amazon Polly voice that Amazon Lex should use for voice interaction with the user. For more information, see the engine parameter of the SynthesizeSpeech operation in the Amazon Polly developer guide.",
"enum": [
"standard",
- "neural"
+ "neural",
+ "long-form",
+ "generative"
],
"type": "string"
},
"VoiceId": {
- "description": "The Amazon Polly voice ID that Amazon Lex uses for voice interaction with the user.",
"type": "string"
}
},
@@ -2114,23 +2145,18 @@
},
"WaitAndContinueSpecification": {
"additionalProperties": false,
- "description": "The prompts that Amazon Lex uses while a bot is waiting for customer input.",
"properties": {
"ContinueResponse": {
- "$ref": "#/definitions/ResponseSpecification",
- "description": "The response that Amazon Lex sends to indicate that the bot is ready to continue the conversation."
+ "$ref": "#/definitions/ResponseSpecification"
},
"IsActive": {
- "description": "Specifies whether the bot will wait for a user to respond.",
"type": "boolean"
},
"StillWaitingResponse": {
- "$ref": "#/definitions/StillWaitingResponseSpecification",
- "description": "The response that Amazon Lex sends periodically to the user to indicate that the bot is still waiting for input from the user."
+ "$ref": "#/definitions/StillWaitingResponseSpecification"
},
"WaitingResponse": {
- "$ref": "#/definitions/ResponseSpecification",
- "description": "The response that Amazon Lex sends to indicate that the bot is waiting for the conversation to continue."
+ "$ref": "#/definitions/ResponseSpecification"
}
},
"required": [
@@ -2173,7 +2199,12 @@
"lex:UpdateCustomVocabulary",
"lex:DeleteCustomVocabulary",
"s3:GetObject",
- "lex:UpdateBotAlias"
+ "lex:UpdateBotAlias",
+ "iam:CreateServiceLinkedRole",
+ "iam:GetRole",
+ "lex:CreateBotReplica",
+ "lex:DescribeBotReplica",
+ "lex:DeleteBotReplica"
]
},
"delete": {
@@ -2187,18 +2218,21 @@
"lex:DeleteBotVersion",
"lex:DeleteBotChannel",
"lex:DeleteBotAlias",
- "lex:DeleteCustomVocabulary"
+ "lex:DeleteCustomVocabulary",
+ "lex:DeleteBotReplica"
]
},
"list": {
"permissions": [
- "lex:ListBots"
+ "lex:ListBots",
+ "lex:ListBotReplicas"
]
},
"read": {
"permissions": [
"lex:DescribeBot",
- "lex:ListTagsForResource"
+ "lex:ListTagsForResource",
+ "lex:DescribeBotReplica"
]
},
"update": {
@@ -2233,7 +2267,10 @@
"lex:UpdateCustomVocabulary",
"lex:DeleteCustomVocabulary",
"s3:GetObject",
- "lex:UpdateBotAlias"
+ "lex:UpdateBotAlias",
+ "lex:CreateBotReplica",
+ "lex:DescribeBotReplica",
+ "lex:DeleteBotReplica"
]
}
},
@@ -2245,14 +2282,12 @@
"$ref": "#/definitions/BotArn"
},
"AutoBuildBotLocales": {
- "description": "Specifies whether to build the bot locales after bot creation completes.",
"type": "boolean"
},
"BotFileS3Location": {
"$ref": "#/definitions/S3Location"
},
"BotLocales": {
- "description": "List of bot locales",
"insertionOrder": false,
"items": {
"$ref": "#/definitions/BotLocale"
@@ -2261,7 +2296,6 @@
"uniqueItems": true
},
"BotTags": {
- "description": "A list of tags to add to the bot, which can only be added at bot creation.",
"insertionOrder": false,
"items": {
"$ref": "#/definitions/Tag"
@@ -2272,10 +2306,8 @@
},
"DataPrivacy": {
"additionalProperties": false,
- "description": "Data privacy setting of the Bot.",
"properties": {
"ChildDirected": {
- "description": "",
"type": "boolean"
}
},
@@ -2291,7 +2323,6 @@
"$ref": "#/definitions/Id"
},
"IdleSessionTTLInSeconds": {
- "description": "IdleSessionTTLInSeconds of the resource",
"maximum": 86400,
"minimum": 60,
"type": "integer"
@@ -2299,6 +2330,9 @@
"Name": {
"$ref": "#/definitions/Name"
},
+ "Replication": {
+ "$ref": "#/definitions/Replication"
+ },
"RoleArn": {
"$ref": "#/definitions/RoleArn"
},
@@ -2306,7 +2340,6 @@
"$ref": "#/definitions/TestBotAliasSettings"
},
"TestBotAliasTags": {
- "description": "A list of tags to add to the test alias for a bot, , which can only be added at bot/bot alias creation.",
"insertionOrder": false,
"items": {
"$ref": "#/definitions/Tag"
@@ -2334,6 +2367,7 @@
"/properties/BotFileS3Location",
"/properties/AutoBuildBotLocales",
"/properties/BotTags",
- "/properties/TestBotAliasTags"
+ "/properties/TestBotAliasTags",
+ "/properties/Replication"
]
}
diff --git a/schema/aws-lightsail-bucket.json b/schema/aws-lightsail-bucket.json
index 9931011..0e267ca 100644
--- a/schema/aws-lightsail-bucket.json
+++ b/schema/aws-lightsail-bucket.json
@@ -156,6 +156,16 @@
"BundleId"
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-lightsail.git",
- "taggable": true,
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "lightsail:TagResource",
+ "lightsail:UntagResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
"typeName": "AWS::Lightsail::Bucket"
}
diff --git a/schema/aws-lightsail-certificate.json b/schema/aws-lightsail-certificate.json
index 65ea904..d3cbd34 100644
--- a/schema/aws-lightsail-certificate.json
+++ b/schema/aws-lightsail-certificate.json
@@ -110,6 +110,16 @@
"DomainName"
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git",
- "taggable": true,
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "lightsail:TagResource",
+ "lightsail:UntagResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
"typeName": "AWS::Lightsail::Certificate"
}
diff --git a/schema/aws-lightsail-container.json b/schema/aws-lightsail-container.json
index 3f70d58..8c1171c 100644
--- a/schema/aws-lightsail-container.json
+++ b/schema/aws-lightsail-container.json
@@ -318,6 +318,16 @@
"Scale"
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-lightsail.git",
- "taggable": true,
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "lightsail:TagResource",
+ "lightsail:UntagResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
"typeName": "AWS::Lightsail::Container"
}
diff --git a/schema/aws-lightsail-database.json b/schema/aws-lightsail-database.json
index a6595a0..68eef3a 100644
--- a/schema/aws-lightsail-database.json
+++ b/schema/aws-lightsail-database.json
@@ -221,7 +221,17 @@
"MasterUsername"
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-lightsail.git",
- "taggable": true,
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "lightsail:TagResource",
+ "lightsail:UntagResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
"typeName": "AWS::Lightsail::Database",
"writeOnlyProperties": [
"/properties/MasterUserPassword",
diff --git a/schema/aws-lightsail-disk.json b/schema/aws-lightsail-disk.json
index 20d2d53..f7e701d 100644
--- a/schema/aws-lightsail-disk.json
+++ b/schema/aws-lightsail-disk.json
@@ -227,6 +227,16 @@
"SizeInGb"
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-lightsail.git",
- "taggable": true,
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "lightsail:TagResource",
+ "lightsail:UntagResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
"typeName": "AWS::Lightsail::Disk"
}
diff --git a/schema/aws-lightsail-distribution.json b/schema/aws-lightsail-distribution.json
index 77ef52d..4ffa231 100644
--- a/schema/aws-lightsail-distribution.json
+++ b/schema/aws-lightsail-distribution.json
@@ -300,6 +300,16 @@
"Origin"
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-lightsail.git",
- "taggable": true,
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "lightsail:TagResource",
+ "lightsail:UntagResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
"typeName": "AWS::Lightsail::Distribution"
}
diff --git a/schema/aws-lightsail-instance.json b/schema/aws-lightsail-instance.json
index b43f0c3..be3ff75 100644
--- a/schema/aws-lightsail-instance.json
+++ b/schema/aws-lightsail-instance.json
@@ -458,7 +458,17 @@
"BundleId"
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-lightsail.git",
- "taggable": true,
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "lightsail:TagResource",
+ "lightsail:UntagResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
"typeName": "AWS::Lightsail::Instance",
"writeOnlyProperties": [
"/properties/UserData"
diff --git a/schema/aws-lightsail-loadbalancer.json b/schema/aws-lightsail-loadbalancer.json
index d2dc05d..c696dda 100644
--- a/schema/aws-lightsail-loadbalancer.json
+++ b/schema/aws-lightsail-loadbalancer.json
@@ -138,6 +138,16 @@
"InstancePort"
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-lightsail.git",
- "taggable": true,
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "lightsail:TagResource",
+ "lightsail:UntagResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
"typeName": "AWS::Lightsail::LoadBalancer"
}
diff --git a/schema/aws-location-apikey.json b/schema/aws-location-apikey.json
index b8e7adc..317a4d0 100644
--- a/schema/aws-location-apikey.json
+++ b/schema/aws-location-apikey.json
@@ -12,10 +12,10 @@
"items": {
"maxLength": 200,
"minLength": 5,
- "pattern": "^geo:\\w*\\*?$",
+ "pattern": "^(geo|geo-routes|geo-places|geo-maps):\\w*\\*?$",
"type": "string"
},
- "maxItems": 7,
+ "maxItems": 24,
"minItems": 1,
"type": "array"
},
@@ -37,7 +37,7 @@
"pattern": "(^arn(:[a-z0-9]+([.-][a-z0-9]+)*):geo(:([a-z0-9]+([.-][a-z0-9]+)*))(:[0-9]+):((\\*)|([-a-z]+[/][*-._\\w]+))$)|(^arn(:[a-z0-9]+([.-][a-z0-9]+)*):(geo-routes|geo-places|geo-maps)(:((\\*)|([a-z0-9]+([.-][a-z0-9]+)*)))::((provider[\\/][*-._\\w]+))$)",
"type": "string"
},
- "maxItems": 5,
+ "maxItems": 8,
"minItems": 1,
"type": "array"
}
@@ -86,6 +86,10 @@
},
"type": "object"
},
+ "Unit": {
+ "additionalProperties": false,
+ "type": "object"
+ },
"iso8601UTC": {
"description": "The datetime value in ISO 8601 format. The timezone is always UTC. (YYYY-MM-DDThh:mm:ss.sssZ)",
"pattern": "^([0-2]\\d{3})-(0[0-9]|1[0-2])-([0-2]\\d|3[01])T([01]\\d|2[0-4]):([0-5]\\d):([0-6]\\d)((\\.\\d{3})?)Z$",
@@ -109,7 +113,21 @@
"geo:SearchPlaceIndexForSuggestions",
"geo:GetPlace",
"geo:CalculateRoute",
- "geo:CalculateRouteMatrix"
+ "geo:CalculateRouteMatrix",
+ "geo-maps:GetTile",
+ "geo-maps:GetStaticMap",
+ "geo-places:Autocomplete",
+ "geo-places:Geocode",
+ "geo-places:GetPlace",
+ "geo-places:ReverseGeocode",
+ "geo-places:SearchNearby",
+ "geo-places:SearchText",
+ "geo-places:Suggest",
+ "geo-routes:CalculateIsolines",
+ "geo-routes:CalculateRouteMatrix",
+ "geo-routes:CalculateRoutes",
+ "geo-routes:OptimizeWaypoints",
+ "geo-routes:SnapToRoads"
]
},
"delete": {
@@ -144,6 +162,20 @@
"geo:GetPlace",
"geo:CalculateRoute",
"geo:CalculateRouteMatrix",
+ "geo-maps:GetTile",
+ "geo-maps:GetStaticMap",
+ "geo-places:Autocomplete",
+ "geo-places:Geocode",
+ "geo-places:GetPlace",
+ "geo-places:ReverseGeocode",
+ "geo-places:SearchNearby",
+ "geo-places:SearchText",
+ "geo-places:Suggest",
+ "geo-routes:CalculateIsolines",
+ "geo-routes:CalculateRouteMatrix",
+ "geo-routes:CalculateRoutes",
+ "geo-routes:OptimizeWaypoints",
+ "geo-routes:SnapToRoads",
"geo:UpdateKey"
]
}
@@ -218,6 +250,10 @@
],
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "geo:TagResource",
+ "geo:UntagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-location-geofencecollection.json b/schema/aws-location-geofencecollection.json
index 17f9a7a..c2a064d 100644
--- a/schema/aws-location-geofencecollection.json
+++ b/schema/aws-location-geofencecollection.json
@@ -40,10 +40,10 @@
"additionalProperties": false,
"maxProperties": 50,
"patternProperties": {
- "^[a-zA-Z+-=._:/]+$": {
+ "^([\\p{L}\\p{Z}\\p{N}_.,:/=+\\-@]*)$": {
"maxLength": 256,
"minLength": 0,
- "pattern": "^[A-Za-z0-9 _=@:.+-/]*$",
+ "pattern": "^([\\p{L}\\p{Z}\\p{N}_.,:/=+\\-@]*)$",
"type": "string"
}
},
@@ -166,6 +166,10 @@
],
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "geo:TagResource",
+ "geo:UntagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-location-map.json b/schema/aws-location-map.json
index 851636a..3f48069 100644
--- a/schema/aws-location-map.json
+++ b/schema/aws-location-map.json
@@ -183,6 +183,10 @@
],
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "geo:TagResource",
+ "geo:UntagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-location-placeindex.json b/schema/aws-location-placeindex.json
index 808ee0b..adab760 100644
--- a/schema/aws-location-placeindex.json
+++ b/schema/aws-location-placeindex.json
@@ -171,6 +171,10 @@
],
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "geo:TagResource",
+ "geo:UntagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-location-routecalculator.json b/schema/aws-location-routecalculator.json
index f56c886..256de2e 100644
--- a/schema/aws-location-routecalculator.json
+++ b/schema/aws-location-routecalculator.json
@@ -152,6 +152,10 @@
],
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "geo:TagResource",
+ "geo:UntagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-location-tracker.json b/schema/aws-location-tracker.json
index 20e03c2..ec94b31 100644
--- a/schema/aws-location-tracker.json
+++ b/schema/aws-location-tracker.json
@@ -183,6 +183,10 @@
],
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "geo:TagResource",
+ "geo:UntagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-logs-accountpolicy.json b/schema/aws-logs-accountpolicy.json
index 7fc78f4..9d3aa52 100644
--- a/schema/aws-logs-accountpolicy.json
+++ b/schema/aws-logs-accountpolicy.json
@@ -9,6 +9,7 @@
"create": {
"permissions": [
"logs:PutAccountPolicy",
+ "logs:PutIndexPolicy",
"logs:PutDataProtectionPolicy",
"logs:DescribeAccountPolicies",
"logs:CreateLogDelivery",
@@ -16,15 +17,18 @@
"firehose:TagDeliveryStream",
"logs:PutSubscriptionFilter",
"logs:DeleteSubscriptionFilter",
+ "logs:PutTransformer",
"iam:PassRole"
]
},
"delete": {
"permissions": [
"logs:DeleteAccountPolicy",
+ "logs:DeleteIndexPolicy",
"logs:DeleteDataProtectionPolicy",
"logs:DescribeAccountPolicies",
"logs:DeleteSubscriptionFilter",
+ "logs:DeleteTransformer",
"iam:PassRole"
]
},
@@ -40,24 +44,30 @@
]
},
"permissions": [
- "logs:DescribeAccountPolicies"
+ "logs:DescribeAccountPolicies",
+ "logs:GetTransformer"
]
},
"read": {
"permissions": [
- "logs:DescribeAccountPolicies"
+ "logs:DescribeAccountPolicies",
+ "logs:GetTransformer"
]
},
"update": {
"permissions": [
"logs:PutAccountPolicy",
+ "logs:PutIndexPolicy",
"logs:PutDataProtectionPolicy",
"logs:DescribeAccountPolicies",
"logs:DeleteAccountPolicy",
+ "logs:DeleteIndexPolicy",
"logs:DeleteDataProtectionPolicy",
"logs:CreateLogDelivery",
"logs:PutSubscriptionFilter",
"logs:DeleteSubscriptionFilter",
+ "logs:PutTransformer",
+ "logs:DeleteTransformer",
"s3:REST.PUT.OBJECT",
"firehose:TagDeliveryStream",
"iam:PassRole"
@@ -92,7 +102,9 @@
"description": "Type of the policy.",
"enum": [
"DATA_PROTECTION_POLICY",
- "SUBSCRIPTION_FILTER_POLICY"
+ "SUBSCRIPTION_FILTER_POLICY",
+ "FIELD_INDEX_POLICY",
+ "TRANSFORMER_POLICY"
],
"type": "string"
},
diff --git a/schema/aws-logs-delivery.json b/schema/aws-logs-delivery.json
index d1b0556..c38a2fc 100644
--- a/schema/aws-logs-delivery.json
+++ b/schema/aws-logs-delivery.json
@@ -12,6 +12,12 @@
"pattern": "[\\w#+=/:,.@-]*\\*?",
"type": "string"
},
+ "FieldHeader": {
+ "description": "A single record field to be delivered to the destination.",
+ "maxLength": 50,
+ "minLength": 1,
+ "type": "string"
+ },
"Tag": {
"additionalProperties": false,
"description": "A key-value pair to associate with a resource.",
@@ -73,7 +79,8 @@
"logs:GetDelivery",
"logs:ListTagsForResource",
"logs:TagResource",
- "logs:UntagResource"
+ "logs:UntagResource",
+ "logs:UpdateDeliveryConfiguration"
]
}
},
@@ -110,6 +117,29 @@
"pattern": "[\\w-]*$",
"type": "string"
},
+ "FieldDelimiter": {
+ "description": "The field delimiter to use between record fields when the final output format of a delivery is in Plain , W3C , or Raw format.",
+ "maxLength": 5,
+ "minLength": 1,
+ "type": "string"
+ },
+ "RecordFields": {
+ "description": "The list of record fields to be delivered to the destination, in order. If the delivery's log source has mandatory fields, they must be included in this list.",
+ "items": {
+ "$ref": "#/definitions/FieldHeader"
+ },
+ "type": "array"
+ },
+ "S3EnableHiveCompatiblePath": {
+ "description": "This parameter causes the S3 objects that contain delivered logs to use a prefix structure that allows for integration with Apache Hive.",
+ "type": "boolean"
+ },
+ "S3SuffixPath": {
+ "description": "This string allows re-configuring the S3 object prefix to contain either static or variable sections. The valid variables to use in the suffix path will vary by each log source. See ConfigurationTemplate$allowedSuffixPathFields for more info on what values are supported in the suffix path for each log source.",
+ "maxLength": 256,
+ "minLength": 0,
+ "type": "string"
+ },
"Tags": {
"description": "The tags that have been assigned to this delivery.",
"insertionOrder": false,
@@ -132,6 +162,11 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-logs.git",
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "logs:TagResource",
+ "logs:UntagResource",
+ "logs:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-logs-deliverydestination.json b/schema/aws-logs-deliverydestination.json
index 30699eb..f00eff7 100644
--- a/schema/aws-logs-deliverydestination.json
+++ b/schema/aws-logs-deliverydestination.json
@@ -2,6 +2,7 @@
"additionalProperties": false,
"createOnlyProperties": [
"/properties/Name",
+ "/properties/OutputFormat",
"/properties/DestinationResourceArn"
],
"definitions": {
@@ -127,7 +128,7 @@
},
"DestinationResourceArn": {
"$ref": "#/definitions/Arn",
- "description": "The ARN of the AWS resource that will receive the logs."
+ "description": "The ARN of the Amazon Web Services destination that this delivery destination represents. That Amazon Web Services destination can be a log group in CloudWatch Logs, an Amazon S3 bucket, or a delivery stream in Firehose."
},
"Name": {
"description": "The name of this delivery destination.",
@@ -136,6 +137,13 @@
"pattern": "[\\w-]*$",
"type": "string"
},
+ "OutputFormat": {
+ "description": "The format of the logs that are sent to this delivery destination.",
+ "maxLength": 12,
+ "minLength": 1,
+ "pattern": "^[0-9A-Za-z]+$",
+ "type": "string"
+ },
"Tags": {
"description": "The tags that have been assigned to this delivery destination.",
"insertionOrder": false,
@@ -156,6 +164,11 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-logs.git",
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "logs:TagResource",
+ "logs:UntagResource",
+ "logs:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-logs-deliverysource.json b/schema/aws-logs-deliverysource.json
index 5a42cfe..37b77d5 100644
--- a/schema/aws-logs-deliverysource.json
+++ b/schema/aws-logs-deliverysource.json
@@ -138,6 +138,11 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-logs.git",
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "logs:TagResource",
+ "logs:UntagResource",
+ "logs:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-logs-integration.json b/schema/aws-logs-integration.json
new file mode 100644
index 0000000..9da27ec
--- /dev/null
+++ b/schema/aws-logs-integration.json
@@ -0,0 +1,167 @@
+{
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/IntegrationName",
+ "/properties/IntegrationType",
+ "/properties/ResourceConfig"
+ ],
+ "definitions": {
+ "Arn": {
+ "maxLength": 2048,
+ "minLength": 20,
+ "pattern": "[\\w#+=/:,.@-]*\\*?",
+ "type": "string"
+ },
+ "OpenSearchResourceConfig": {
+ "additionalProperties": false,
+ "properties": {
+ "ApplicationARN": {
+ "$ref": "#/definitions/Arn"
+ },
+ "DashboardViewerPrincipals": {
+ "items": {
+ "$ref": "#/definitions/Arn"
+ },
+ "type": "array"
+ },
+ "DataSourceRoleArn": {
+ "$ref": "#/definitions/Arn"
+ },
+ "KmsKeyArn": {
+ "$ref": "#/definitions/Arn"
+ },
+ "RetentionDays": {
+ "maximum": 3650,
+ "minimum": 1,
+ "type": "integer"
+ }
+ },
+ "required": [
+ "DataSourceRoleArn",
+ "DashboardViewerPrincipals"
+ ],
+ "type": "object"
+ }
+ },
+ "description": "Resource Schema for Logs Integration Resource",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "logs:PutIntegration",
+ "logs:GetIntegration",
+ "aoss:CreateCollection",
+ "aoss:CreateSecurityPolicy",
+ "aoss:CreateAccessPolicy",
+ "aoss:CreateLifeCyclePolicy",
+ "aoss:BatchGetCollection",
+ "aoss:DeleteCollection",
+ "aoss:DeleteSecurityPolicy",
+ "aoss:DeleteAccessPolicy",
+ "aoss:DeleteLifeCyclePolicy",
+ "aoss:GetAccessPolicy",
+ "aoss:GetSecurityPolicy",
+ "aoss:BatchGetLifecyclePolicy",
+ "aoss:TagResource",
+ "aoss:APIAccessAll",
+ "opensearch:AddDirectQueryDataSource",
+ "opensearch:DeleteDirectQueryDataSource",
+ "opensearch:GetDirectQueryDataSource",
+ "opensearch:CreateApplication",
+ "opensearch:GetApplication",
+ "opensearch:UpdateApplication",
+ "opensearch:DeleteApplication",
+ "opensearch:ApplicationAccessAll",
+ "opensearch:DashboardsAccessAll",
+ "opensearch:StartDirectQuery",
+ "opensearch:GetDirectQuery",
+ "iam:PassRole",
+ "iam:CreateServiceLinkedRole",
+ "iam:AttachRolePolicy",
+ "iam:AttachUserPolicy",
+ "es:AddDirectQueryDataSource",
+ "es:CreateApplication",
+ "es:UpdateApplication",
+ "es:GetApplication",
+ "es:DeleteApplication",
+ "es:DeleteDirectQueryDataSource",
+ "es:GetDirectQueryDataSource",
+ "es:AddTags",
+ "es:ListApplications"
+ ],
+ "timeoutInMinutes": 30
+ },
+ "delete": {
+ "permissions": [
+ "logs:DeleteIntegration"
+ ]
+ },
+ "list": {
+ "permissions": [
+ "logs:ListIntegrations"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "logs:GetIntegration"
+ ]
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/IntegrationName"
+ ],
+ "properties": {
+ "IntegrationName": {
+ "description": "User provided identifier for integration, unique to the user account.",
+ "maxLength": 50,
+ "minLength": 1,
+ "pattern": "[\\.\\-_/#A-Za-z0-9]+",
+ "type": "string"
+ },
+ "IntegrationStatus": {
+ "description": "Status of creation for the Integration and its resources",
+ "enum": [
+ "PROVISIONING",
+ "ACTIVE",
+ "FAILED"
+ ],
+ "type": "string"
+ },
+ "IntegrationType": {
+ "description": "The type of the Integration.",
+ "enum": [
+ "OPENSEARCH"
+ ],
+ "type": "string"
+ },
+ "ResourceConfig": {
+ "additionalProperties": false,
+ "description": "OpenSearchResourceConfig for the given Integration",
+ "properties": {
+ "OpenSearchResourceConfig": {
+ "$ref": "#/definitions/OpenSearchResourceConfig"
+ }
+ },
+ "type": "object"
+ }
+ },
+ "readOnlyProperties": [
+ "/properties/IntegrationStatus"
+ ],
+ "replacementStrategy": "delete_then_create",
+ "required": [
+ "IntegrationName",
+ "IntegrationType",
+ "ResourceConfig"
+ ],
+ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git",
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "tagOnCreate": false,
+ "tagUpdatable": false,
+ "taggable": false
+ },
+ "typeName": "AWS::Logs::Integration",
+ "writeOnlyProperties": [
+ "/properties/ResourceConfig"
+ ]
+}
diff --git a/schema/aws-logs-loggroup.json b/schema/aws-logs-loggroup.json
index b7c624c..e6f2d08 100644
--- a/schema/aws-logs-loggroup.json
+++ b/schema/aws-logs-loggroup.json
@@ -6,7 +6,7 @@
"definitions": {
"Tag": {
"additionalProperties": false,
- "description": "",
+ "description": "The value of this key-value pair.",
"properties": {
"Key": {
"description": "",
@@ -15,7 +15,7 @@
"type": "string"
},
"Value": {
- "description": "",
+ "description": "The value of this key-value pair.",
"maxLength": 256,
"minLength": 0,
"type": "string"
@@ -42,7 +42,9 @@
"s3:REST.PUT.OBJECT",
"firehose:TagDeliveryStream",
"logs:PutResourcePolicy",
- "logs:DescribeResourcePolicies"
+ "logs:DescribeResourcePolicies",
+ "logs:PutIndexPolicy",
+ "logs:DescribeIndexPolicies"
]
},
"delete": {
@@ -70,7 +72,8 @@
"permissions": [
"logs:DescribeLogGroups",
"logs:ListTagsForResource",
- "logs:GetDataProtectionPolicy"
+ "logs:GetDataProtectionPolicy",
+ "logs:DescribeIndexPolicies"
]
},
"update": {
@@ -82,11 +85,14 @@
"logs:DeleteRetentionPolicy",
"logs:TagResource",
"logs:UntagResource",
+ "logs:ListTagsForResource",
"logs:GetDataProtectionPolicy",
"logs:PutDataProtectionPolicy",
"logs:CreateLogDelivery",
"s3:REST.PUT.OBJECT",
- "firehose:TagDeliveryStream"
+ "firehose:TagDeliveryStream",
+ "logs:PutIndexPolicy",
+ "logs:DeleteIndexPolicy"
]
}
},
@@ -102,6 +108,16 @@
"description": "Creates a data protection policy and assigns it to the log group. A data protection policy can help safeguard sensitive data that's ingested by the log group by auditing and masking the sensitive log data. When a user who does not have permission to view masked data views a log event that includes masked data, the sensitive data is replaced by asterisks.\n For more information, including a list of types of data that can be audited and masked, see [Protect sensitive log data with masking](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/mask-sensitive-log-data.html).",
"type": "object"
},
+ "FieldIndexPolicies": {
+ "description": "Creates or updates a *field index policy* for the specified log group. Only log groups in the Standard log class support field index policies. For more information about log classes, see [Log classes](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch_Logs_Log_Classes.html).\n You can use field index policies to create *field indexes* on fields found in log events in the log group. Creating field indexes lowers the costs for CWL Insights queries that reference those field indexes, because these queries attempt to skip the processing of log events that are known to not match the indexed field. Good fields to index are fields that you often need to query for and fields that have high cardinality of values Common examples of indexes include request ID, session ID, userID, and instance IDs. For more information, see [Create field indexes to improve query performance and reduce costs](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatchLogs-Field-Indexing.html).\n Currently, this array supports only one field index policy object.",
+ "insertionOrder": false,
+ "items": {
+ "description": "Index policy for log group in JSON format",
+ "type": "object"
+ },
+ "type": "array",
+ "uniqueItems": true
+ },
"KmsKeyId": {
"description": "The Amazon Resource Name (ARN) of the KMS key to use when encrypting log data.\n To associate an KMS key with the log group, specify the ARN of that KMS key here. If you do so, ingested data is encrypted using this key. This association is stored as long as the data encrypted with the KMS key is still within CWL. This enables CWL to decrypt this data whenever it is requested.\n If you attempt to associate a KMS key with the log group but the KMS key doesn't exist or is deactivated, you will receive an ``InvalidParameterException`` error.\n Log group data is always encrypted in CWL. If you omit this key, the encryption does not use KMS. For more information, see [Encrypt log data in using](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/encrypt-log-data-kms.html)",
"maxLength": 256,
@@ -113,7 +129,8 @@
"description": "Specifies the log group class for this log group. There are two classes:\n + The ``Standard`` log class supports all CWL features.\n + The ``Infrequent Access`` log class supports a subset of CWL features and incurs lower costs.\n \n For details about the features supported by each class, see [Log classes](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch_Logs_Log_Classes.html)",
"enum": [
"STANDARD",
- "INFREQUENT_ACCESS"
+ "INFREQUENT_ACCESS",
+ "DELIVERY"
],
"type": "string"
},
@@ -168,6 +185,11 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-logs.git",
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "logs:TagResource",
+ "logs:UntagResource",
+ "logs:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-logs-metricfilter.json b/schema/aws-logs-metricfilter.json
index e7d5438..59e5a5d 100644
--- a/schema/aws-logs-metricfilter.json
+++ b/schema/aws-logs-metricfilter.json
@@ -146,6 +146,10 @@
"/properties/FilterName"
],
"properties": {
+ "ApplyOnTransformedLogs": {
+ "description": "This parameter is valid only for log groups that have an active log transformer. For more information about log transformers, see [PutTransformer](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutTransformer.html).\n If this value is ``true``, the metric filter is applied on the transformed version of the log events instead of the original ingested log events.",
+ "type": "boolean"
+ },
"FilterName": {
"description": "The name of the metric filter.",
"maxLength": 512,
diff --git a/schema/aws-logs-querydefinition.json b/schema/aws-logs-querydefinition.json
index b6d4a94..6155e5f 100644
--- a/schema/aws-logs-querydefinition.json
+++ b/schema/aws-logs-querydefinition.json
@@ -61,6 +61,16 @@
"minLength": 0,
"type": "string"
},
+ "QueryLanguage": {
+ "default": "CWLI",
+ "description": "Query language of the query string. Possible values are CWLI, SQL, PPL, with CWLI being the default.",
+ "enum": [
+ "CWLI",
+ "SQL",
+ "PPL"
+ ],
+ "type": "string"
+ },
"QueryString": {
"description": "The query string to use for this definition",
"maxLength": 10000,
diff --git a/schema/aws-logs-subscriptionfilter.json b/schema/aws-logs-subscriptionfilter.json
index a49dbc2..552d984 100644
--- a/schema/aws-logs-subscriptionfilter.json
+++ b/schema/aws-logs-subscriptionfilter.json
@@ -52,6 +52,10 @@
"/properties/LogGroupName"
],
"properties": {
+ "ApplyOnTransformedLogs": {
+ "description": "This parameter is valid only for log groups that have an active log transformer. For more information about log transformers, see [PutTransformer](https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutTransformer.html).\n If this value is ``true``, the subscription filter is applied on the transformed version of the log events instead of the original ingested log events.",
+ "type": "boolean"
+ },
"DestinationArn": {
"description": "The Amazon Resource Name (ARN) of the destination.",
"type": "string"
diff --git a/schema/aws-logs-transformer.json b/schema/aws-logs-transformer.json
new file mode 100644
index 0000000..72ee649
--- /dev/null
+++ b/schema/aws-logs-transformer.json
@@ -0,0 +1,658 @@
+{
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/LogGroupIdentifier"
+ ],
+ "definitions": {
+ "AddKeyEntry": {
+ "additionalProperties": false,
+ "properties": {
+ "Key": {
+ "$ref": "#/definitions/NonEmptyAndMaxLengthString"
+ },
+ "OverwriteIfExists": {
+ "type": "boolean"
+ },
+ "Value": {
+ "maxLength": 256,
+ "minLength": 1,
+ "type": "string"
+ }
+ },
+ "required": [
+ "Key",
+ "Value"
+ ],
+ "type": "object"
+ },
+ "Column": {
+ "$ref": "#/definitions/NonEmptyAndMaxLengthString"
+ },
+ "CopyValueEntry": {
+ "additionalProperties": false,
+ "properties": {
+ "OverwriteIfExists": {
+ "type": "boolean"
+ },
+ "Source": {
+ "$ref": "#/definitions/NonEmptyString"
+ },
+ "Target": {
+ "$ref": "#/definitions/NonEmptyAndMaxLengthString"
+ }
+ },
+ "required": [
+ "Source",
+ "Target"
+ ],
+ "type": "object"
+ },
+ "MatchPattern": {
+ "$ref": "#/definitions/NonEmptyString"
+ },
+ "MaxLengthString": {
+ "maxLength": 128,
+ "type": "string"
+ },
+ "MoveKeyEntry": {
+ "additionalProperties": false,
+ "properties": {
+ "OverwriteIfExists": {
+ "type": "boolean"
+ },
+ "Source": {
+ "$ref": "#/definitions/NonEmptyString"
+ },
+ "Target": {
+ "$ref": "#/definitions/NonEmptyString"
+ }
+ },
+ "required": [
+ "Source",
+ "Target"
+ ],
+ "type": "object"
+ },
+ "NonEmptyAndMaxLengthString": {
+ "maxLength": 128,
+ "pattern": "^.*[a-zA-Z0-9]+.*$",
+ "type": "string"
+ },
+ "NonEmptyString": {
+ "pattern": "^.*[a-zA-Z0-9]+.*$",
+ "type": "string"
+ },
+ "ParseCloudfront": {
+ "additionalProperties": false,
+ "properties": {
+ "Source": {
+ "$ref": "#/definitions/NonEmptyString"
+ }
+ },
+ "type": "object"
+ },
+ "ParsePostgres": {
+ "additionalProperties": false,
+ "properties": {
+ "Source": {
+ "$ref": "#/definitions/NonEmptyString"
+ }
+ },
+ "type": "object"
+ },
+ "ParseRoute53": {
+ "additionalProperties": false,
+ "properties": {
+ "Source": {
+ "$ref": "#/definitions/NonEmptyString"
+ }
+ },
+ "type": "object"
+ },
+ "ParseVPC": {
+ "additionalProperties": false,
+ "properties": {
+ "Source": {
+ "$ref": "#/definitions/NonEmptyString"
+ }
+ },
+ "type": "object"
+ },
+ "ParseWAF": {
+ "additionalProperties": false,
+ "properties": {
+ "Source": {
+ "$ref": "#/definitions/NonEmptyString"
+ }
+ },
+ "type": "object"
+ },
+ "Processor": {
+ "additionalProperties": false,
+ "description": "Individual processor configuration",
+ "maxProperties": 1,
+ "minProperties": 1,
+ "properties": {
+ "AddKeys": {
+ "additionalProperties": false,
+ "properties": {
+ "Entries": {
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/AddKeyEntry"
+ },
+ "maxItems": 5,
+ "minItems": 1,
+ "type": "array",
+ "uniqueItems": true
+ }
+ },
+ "required": [
+ "Entries"
+ ],
+ "type": "object"
+ },
+ "CopyValue": {
+ "additionalProperties": false,
+ "properties": {
+ "Entries": {
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/CopyValueEntry"
+ },
+ "maxItems": 5,
+ "minItems": 1,
+ "type": "array"
+ }
+ },
+ "required": [
+ "Entries"
+ ],
+ "type": "object"
+ },
+ "Csv": {
+ "additionalProperties": false,
+ "properties": {
+ "Columns": {
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/Column"
+ },
+ "maxItems": 100,
+ "minItems": 1,
+ "type": "array"
+ },
+ "Delimiter": {
+ "maxLength": 1,
+ "type": "string"
+ },
+ "QuoteCharacter": {
+ "maxLength": 1,
+ "type": "string"
+ },
+ "Source": {
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "DateTimeConverter": {
+ "additionalProperties": false,
+ "properties": {
+ "Locale": {
+ "type": "string"
+ },
+ "MatchPatterns": {
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/MatchPattern"
+ },
+ "maxItems": 5,
+ "minItems": 1,
+ "type": "array",
+ "uniqueItems": true
+ },
+ "Source": {
+ "$ref": "#/definitions/NonEmptyString"
+ },
+ "SourceTimezone": {
+ "type": "string"
+ },
+ "Target": {
+ "$ref": "#/definitions/NonEmptyAndMaxLengthString"
+ },
+ "TargetFormat": {
+ "type": "string"
+ },
+ "TargetTimezone": {
+ "type": "string"
+ }
+ },
+ "required": [
+ "Source",
+ "Target",
+ "MatchPatterns"
+ ],
+ "type": "object"
+ },
+ "DeleteKeys": {
+ "additionalProperties": false,
+ "properties": {
+ "WithKeys": {
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/WithKey"
+ },
+ "maxItems": 5,
+ "minItems": 1,
+ "type": "array",
+ "uniqueItems": true
+ }
+ },
+ "required": [
+ "WithKeys"
+ ],
+ "type": "object"
+ },
+ "Grok": {
+ "additionalProperties": false,
+ "properties": {
+ "Match": {
+ "maxLength": 128,
+ "type": "string"
+ },
+ "Source": {
+ "$ref": "#/definitions/NonEmptyString"
+ }
+ },
+ "required": [
+ "Match"
+ ],
+ "type": "object"
+ },
+ "ListToMap": {
+ "additionalProperties": false,
+ "properties": {
+ "Flatten": {
+ "type": "boolean"
+ },
+ "FlattenedElement": {
+ "enum": [
+ "first",
+ "last"
+ ],
+ "type": "string"
+ },
+ "Key": {
+ "$ref": "#/definitions/NonEmptyString"
+ },
+ "Source": {
+ "$ref": "#/definitions/NonEmptyString"
+ },
+ "Target": {
+ "$ref": "#/definitions/NonEmptyAndMaxLengthString"
+ },
+ "ValueKey": {
+ "$ref": "#/definitions/NonEmptyString"
+ }
+ },
+ "required": [
+ "Source",
+ "Key"
+ ],
+ "type": "object"
+ },
+ "LowerCaseString": {
+ "additionalProperties": false,
+ "properties": {
+ "WithKeys": {
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/WithKey"
+ },
+ "maxItems": 10,
+ "minItems": 1,
+ "type": "array",
+ "uniqueItems": true
+ }
+ },
+ "required": [
+ "WithKeys"
+ ],
+ "type": "object"
+ },
+ "MoveKeys": {
+ "additionalProperties": false,
+ "properties": {
+ "Entries": {
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/MoveKeyEntry"
+ },
+ "maxItems": 5,
+ "minItems": 1,
+ "type": "array"
+ }
+ },
+ "required": [
+ "Entries"
+ ],
+ "type": "object"
+ },
+ "ParseCloudfront": {
+ "$ref": "#/definitions/ParseCloudfront"
+ },
+ "ParseJSON": {
+ "additionalProperties": false,
+ "properties": {
+ "Destination": {
+ "$ref": "#/definitions/NonEmptyAndMaxLengthString"
+ },
+ "Source": {
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "ParseKeyValue": {
+ "additionalProperties": false,
+ "properties": {
+ "Destination": {
+ "$ref": "#/definitions/NonEmptyString"
+ },
+ "FieldDelimiter": {
+ "type": "string"
+ },
+ "KeyPrefix": {
+ "$ref": "#/definitions/NonEmptyString"
+ },
+ "KeyValueDelimiter": {
+ "type": "string"
+ },
+ "NonMatchValue": {
+ "$ref": "#/definitions/NonEmptyString"
+ },
+ "OverwriteIfExists": {
+ "type": "boolean"
+ },
+ "Source": {
+ "$ref": "#/definitions/NonEmptyString"
+ }
+ },
+ "type": "object"
+ },
+ "ParsePostgres": {
+ "$ref": "#/definitions/ParsePostgres"
+ },
+ "ParseRoute53": {
+ "$ref": "#/definitions/ParseRoute53"
+ },
+ "ParseVPC": {
+ "$ref": "#/definitions/ParseVPC"
+ },
+ "ParseWAF": {
+ "$ref": "#/definitions/ParseWAF"
+ },
+ "RenameKeys": {
+ "additionalProperties": false,
+ "properties": {
+ "Entries": {
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/RenameKeyEntry"
+ },
+ "maxItems": 5,
+ "minItems": 1,
+ "type": "array"
+ }
+ },
+ "required": [
+ "Entries"
+ ],
+ "type": "object"
+ },
+ "SplitString": {
+ "additionalProperties": false,
+ "properties": {
+ "Entries": {
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/SplitStringEntry"
+ },
+ "maxItems": 10,
+ "minItems": 1,
+ "type": "array"
+ }
+ },
+ "required": [
+ "Entries"
+ ],
+ "type": "object"
+ },
+ "SubstituteString": {
+ "additionalProperties": false,
+ "properties": {
+ "Entries": {
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/SubstituteStringEntry"
+ },
+ "maxItems": 10,
+ "minItems": 1,
+ "type": "array"
+ }
+ },
+ "required": [
+ "Entries"
+ ],
+ "type": "object"
+ },
+ "TrimString": {
+ "additionalProperties": false,
+ "properties": {
+ "WithKeys": {
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/WithKey"
+ },
+ "maxItems": 10,
+ "minItems": 1,
+ "type": "array",
+ "uniqueItems": true
+ }
+ },
+ "required": [
+ "WithKeys"
+ ],
+ "type": "object"
+ },
+ "TypeConverter": {
+ "additionalProperties": false,
+ "properties": {
+ "Entries": {
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/TypeConverterEntry"
+ },
+ "maxItems": 5,
+ "minItems": 1,
+ "type": "array"
+ }
+ },
+ "required": [
+ "Entries"
+ ],
+ "type": "object"
+ },
+ "UpperCaseString": {
+ "additionalProperties": false,
+ "properties": {
+ "WithKeys": {
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/WithKey"
+ },
+ "maxItems": 10,
+ "minItems": 1,
+ "type": "array",
+ "uniqueItems": true
+ }
+ },
+ "required": [
+ "WithKeys"
+ ],
+ "type": "object"
+ }
+ },
+ "type": "object"
+ },
+ "RenameKeyEntry": {
+ "additionalProperties": false,
+ "properties": {
+ "Key": {
+ "$ref": "#/definitions/NonEmptyString"
+ },
+ "OverwriteIfExists": {
+ "type": "boolean"
+ },
+ "RenameTo": {
+ "$ref": "#/definitions/NonEmptyString"
+ }
+ },
+ "required": [
+ "Key",
+ "RenameTo"
+ ],
+ "type": "object"
+ },
+ "SplitStringEntry": {
+ "additionalProperties": false,
+ "properties": {
+ "Delimiter": {
+ "maxLength": 1,
+ "type": "string"
+ },
+ "Source": {
+ "$ref": "#/definitions/NonEmptyString"
+ }
+ },
+ "required": [
+ "Source",
+ "Delimiter"
+ ],
+ "type": "object"
+ },
+ "SubstituteStringEntry": {
+ "additionalProperties": false,
+ "properties": {
+ "From": {
+ "$ref": "#/definitions/NonEmptyAndMaxLengthString"
+ },
+ "Source": {
+ "$ref": "#/definitions/NonEmptyString"
+ },
+ "To": {
+ "$ref": "#/definitions/NonEmptyAndMaxLengthString"
+ }
+ },
+ "required": [
+ "Source",
+ "From",
+ "To"
+ ],
+ "type": "object"
+ },
+ "TypeConverterEntry": {
+ "additionalProperties": false,
+ "properties": {
+ "Key": {
+ "$ref": "#/definitions/NonEmptyString"
+ },
+ "Type": {
+ "enum": [
+ "boolean",
+ "integer",
+ "double",
+ "string"
+ ],
+ "type": "string"
+ }
+ },
+ "required": [
+ "Key",
+ "Type"
+ ],
+ "type": "object"
+ },
+ "WithKey": {
+ "maxLength": 128,
+ "minLength": 1,
+ "type": "string"
+ }
+ },
+ "description": "Specifies a transformer on the log group to transform logs into consistent structured and information rich format.",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "logs:PutTransformer",
+ "logs:GetTransformer"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "logs:DeleteTransformer"
+ ]
+ },
+ "list": {
+ "permissions": [
+ "logs:DescribeLogGroups",
+ "logs:GetTransformer"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "logs:GetTransformer"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "logs:GetTransformer",
+ "logs:PutTransformer"
+ ]
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/LogGroupIdentifier"
+ ],
+ "properties": {
+ "LogGroupIdentifier": {
+ "description": "Existing log group that you want to associate with this transformer.",
+ "maxLength": 2048,
+ "minLength": 1,
+ "pattern": "[\\w#+=/:,.@-]*",
+ "type": "string"
+ },
+ "TransformerConfig": {
+ "description": "List of processors in a transformer",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/Processor"
+ },
+ "maxItems": 20,
+ "minItems": 1,
+ "type": "array"
+ }
+ },
+ "required": [
+ "LogGroupIdentifier",
+ "TransformerConfig"
+ ],
+ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-logs.git",
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "tagOnCreate": false,
+ "tagUpdatable": false,
+ "taggable": false
+ },
+ "typeName": "AWS::Logs::Transformer"
+}
diff --git a/schema/aws-m2-application.json b/schema/aws-m2-application.json
index e394537..68a3e95 100644
--- a/schema/aws-m2-application.json
+++ b/schema/aws-m2-application.json
@@ -153,13 +153,18 @@
"/properties/ApplicationId"
],
"required": [
- "Definition",
"EngineType",
"Name"
],
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "m2:TagResource",
+ "m2:UntagResource",
+ "m2:ListTagsForResource"
+ ],
"tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
"tagUpdatable": true,
"taggable": true
},
diff --git a/schema/aws-m2-deployment.json b/schema/aws-m2-deployment.json
new file mode 100644
index 0000000..345e50f
--- /dev/null
+++ b/schema/aws-m2-deployment.json
@@ -0,0 +1,131 @@
+{
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/EnvironmentId",
+ "/properties/ApplicationId"
+ ],
+ "description": "Represents a deployment resource of an AWS Mainframe Modernization (M2) application to a specified environment",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "m2:CreateDeployment",
+ "m2:ListDeployments",
+ "m2:GetDeployment",
+ "iam:PassRole",
+ "ec2:DescribeNetworkInterfaces",
+ "elasticloadbalancing:CreateListener",
+ "elasticloadbalancing:CreateLoadBalancer",
+ "elasticloadbalancing:CreateTargetGroup",
+ "elasticloadbalancing:AddTags",
+ "elasticloadbalancing:RegisterTargets",
+ "logs:DescribeResourcePolicies",
+ "logs:DescribeLogGroups",
+ "logs:CreateLogDelivery",
+ "logs:GetLogDelivery",
+ "logs:UpdateLogDelivery",
+ "logs:DeleteLogDelivery",
+ "logs:ListLogDeliveries",
+ "logs:CreateLogGroup",
+ "logs:PutResourcePolicy"
+ ],
+ "timeoutInMinutes": 60
+ },
+ "delete": {
+ "permissions": [
+ "elasticloadbalancing:DeleteListener",
+ "elasticloadbalancing:DeleteTargetGroup",
+ "elasticloadbalancing:DeregisterTargets",
+ "elasticloadbalancing:DeleteLoadBalancer",
+ "logs:DeleteLogDelivery",
+ "m2:ListDeployments",
+ "m2:GetDeployment",
+ "m2:DeleteApplicationFromEnvironment"
+ ],
+ "timeoutInMinutes": 60
+ },
+ "list": {
+ "handlerSchema": {
+ "properties": {
+ "ApplicationId": {
+ "$ref": "resource-schema.json#/properties/ApplicationId"
+ }
+ },
+ "required": [
+ "ApplicationId"
+ ]
+ },
+ "permissions": [
+ "m2:ListDeployments"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "m2:ListDeployments",
+ "m2:GetDeployment"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "m2:CreateDeployment",
+ "m2:ListDeployments",
+ "m2:GetDeployment",
+ "elasticloadbalancing:CreateListener",
+ "elasticloadbalancing:CreateLoadBalancer",
+ "elasticloadbalancing:CreateTargetGroup",
+ "elasticloadbalancing:DeleteListener",
+ "elasticloadbalancing:DeleteTargetGroup",
+ "elasticloadbalancing:DeregisterTargets",
+ "elasticloadbalancing:DeleteLoadBalancer",
+ "elasticloadbalancing:AddTags",
+ "elasticloadbalancing:RegisterTargets",
+ "ec2:DescribeNetworkInterfaces"
+ ],
+ "timeoutInMinutes": 60
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/ApplicationId"
+ ],
+ "properties": {
+ "ApplicationId": {
+ "description": "The application ID.",
+ "pattern": "^\\S{1,80}$",
+ "type": "string"
+ },
+ "ApplicationVersion": {
+ "description": "The version number of the application to deploy",
+ "type": "integer"
+ },
+ "DeploymentId": {
+ "description": "The deployment ID.",
+ "pattern": "^\\S{1,80}$",
+ "type": "string"
+ },
+ "EnvironmentId": {
+ "description": "The environment ID.",
+ "pattern": "^\\S{1,80}$",
+ "type": "string"
+ },
+ "Status": {
+ "description": "The status of the deployment.",
+ "type": "string"
+ }
+ },
+ "readOnlyProperties": [
+ "/properties/DeploymentId",
+ "/properties/Status"
+ ],
+ "required": [
+ "EnvironmentId",
+ "ApplicationId",
+ "ApplicationVersion"
+ ],
+ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-m2.git",
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "tagOnCreate": false,
+ "tagUpdatable": false,
+ "taggable": false
+ },
+ "typeName": "AWS::M2::Deployment"
+}
diff --git a/schema/aws-m2-environment.json b/schema/aws-m2-environment.json
index a017ead..bc03f0d 100644
--- a/schema/aws-m2-environment.json
+++ b/schema/aws-m2-environment.json
@@ -5,6 +5,7 @@
"/properties/EngineType",
"/properties/KmsKeyId",
"/properties/Name",
+ "/properties/NetworkType",
"/properties/PubliclyAccessible",
"/properties/SecurityGroupIds",
"/properties/StorageConfigurations",
@@ -76,6 +77,13 @@
],
"type": "object"
},
+ "NetworkType": {
+ "enum": [
+ "ipv4",
+ "dual"
+ ],
+ "type": "string"
+ },
"StorageConfiguration": {
"description": "Defines the storage configuration for an environment.",
"oneOf": [
@@ -143,14 +151,16 @@
"m2:GetEnvironment",
"m2:ListTagsForResource",
"m2:TagResource"
- ]
+ ],
+ "timeoutInMinutes": 120
},
"delete": {
"permissions": [
"elasticloadbalancing:DeleteLoadBalancer",
"m2:DeleteEnvironment",
"m2:GetEnvironment"
- ]
+ ],
+ "timeoutInMinutes": 120
},
"list": {
"permissions": [
@@ -171,7 +181,8 @@
"m2:GetEnvironment",
"m2:UpdateEnvironment",
"kms:DescribeKey"
- ]
+ ],
+ "timeoutInMinutes": 120
}
},
"primaryIdentifier": [
@@ -220,6 +231,9 @@
"pattern": "^[A-Za-z0-9][A-Za-z0-9_\\-]{1,59}$",
"type": "string"
},
+ "NetworkType": {
+ "$ref": "#/definitions/NetworkType"
+ },
"PreferredMaintenanceWindow": {
"description": "Configures a desired maintenance window for the environment. If you do not provide a value, a random system-generated value will be assigned.",
"pattern": "^\\S{1,50}$",
@@ -271,7 +285,13 @@
],
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "m2:TagResource",
+ "m2:UntagResource",
+ "m2:ListTagsForResource"
+ ],
"tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
"tagUpdatable": true,
"taggable": true
},
diff --git a/schema/aws-macie-allowlist.json b/schema/aws-macie-allowlist.json
index 8428cf9..ab423bd 100644
--- a/schema/aws-macie-allowlist.json
+++ b/schema/aws-macie-allowlist.json
@@ -171,6 +171,10 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-macie.git",
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "macie2:TagResource",
+ "macie2:UntagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-macie-customdataidentifier.json b/schema/aws-macie-customdataidentifier.json
index 6ab5a42..c7ccada 100644
--- a/schema/aws-macie-customdataidentifier.json
+++ b/schema/aws-macie-customdataidentifier.json
@@ -61,7 +61,8 @@
"update": {
"permissions": [
"macie2:TagResource",
- "macie2:UntagResource"
+ "macie2:UntagResource",
+ "macie2:GetCustomDataIdentifier"
]
}
},
@@ -127,6 +128,10 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-macie.git",
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "macie2:TagResource",
+ "macie2:UntagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-macie-findingsfilter.json b/schema/aws-macie-findingsfilter.json
index e0647af..cf2892a 100644
--- a/schema/aws-macie-findingsfilter.json
+++ b/schema/aws-macie-findingsfilter.json
@@ -186,6 +186,10 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-macie.git",
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "macie2:TagResource",
+ "macie2:UntagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-macie-session.json b/schema/aws-macie-session.json
index 1865aff..88e5387 100644
--- a/schema/aws-macie-session.json
+++ b/schema/aws-macie-session.json
@@ -5,7 +5,8 @@
"create": {
"permissions": [
"macie2:GetMacieSession",
- "macie2:EnableMacie"
+ "macie2:EnableMacie",
+ "macie2:ListAutomatedDiscoveryAccounts"
]
},
"delete": {
@@ -15,18 +16,21 @@
},
"list": {
"permissions": [
- "macie2:GetMacieSession"
+ "macie2:GetMacieSession",
+ "macie2:ListAutomatedDiscoveryAccounts"
]
},
"read": {
"permissions": [
- "macie2:GetMacieSession"
+ "macie2:GetMacieSession",
+ "macie2:ListAutomatedDiscoveryAccounts"
]
},
"update": {
"permissions": [
"macie2:GetMacieSession",
- "macie2:UpdateMacieSession"
+ "macie2:UpdateMacieSession",
+ "macie2:ListAutomatedDiscoveryAccounts"
]
}
},
@@ -34,6 +38,14 @@
"/properties/AwsAccountId"
],
"properties": {
+ "AutomatedDiscoveryStatus": {
+ "description": "The status of automated sensitive data discovery for the Macie session.",
+ "enum": [
+ "ENABLED",
+ "DISABLED"
+ ],
+ "type": "string"
+ },
"AwsAccountId": {
"description": "AWS account ID of customer",
"type": "string"
@@ -64,7 +76,8 @@
},
"readOnlyProperties": [
"/properties/AwsAccountId",
- "/properties/ServiceRole"
+ "/properties/ServiceRole",
+ "/properties/AutomatedDiscoveryStatus"
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-macie.git",
"tagging": {
diff --git a/schema/aws-mediaconnect-bridge.json b/schema/aws-mediaconnect-bridge.json
index 1ad0d27..5964eec 100644
--- a/schema/aws-mediaconnect-bridge.json
+++ b/schema/aws-mediaconnect-bridge.json
@@ -71,6 +71,10 @@
"description": "The network source multicast IP.",
"type": "string"
},
+ "MulticastSourceSettings": {
+ "$ref": "#/definitions/MulticastSourceSettings",
+ "description": "The settings related to the multicast source."
+ },
"Name": {
"description": "The name of the network source.",
"type": "string"
@@ -201,6 +205,17 @@
],
"type": "object"
},
+ "MulticastSourceSettings": {
+ "additionalProperties": false,
+ "description": "The settings related to the multicast source.",
+ "properties": {
+ "MulticastSourceIp": {
+ "description": "The IP address of the source for source-specific multicast (SSM).",
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
"ProtocolEnum": {
"enum": [
"rtp-fec",
@@ -237,13 +252,17 @@
"create": {
"permissions": [
"mediaconnect:CreateBridge",
- "mediaconnect:DescribeBridge"
+ "mediaconnect:DescribeBridge",
+ "mediaconnect:AddBridgeOutputs",
+ "mediaconnect:AddBridgeSources"
]
},
"delete": {
"permissions": [
"mediaconnect:DescribeBridge",
- "mediaconnect:DeleteBridge"
+ "mediaconnect:DeleteBridge",
+ "mediaconnect:RemoveBridgeOutput",
+ "mediaconnect:RemoveBridgeSource"
]
},
"list": {
diff --git a/schema/aws-mediaconnect-bridgesource.json b/schema/aws-mediaconnect-bridgesource.json
index 041f8c8..4cee14f 100644
--- a/schema/aws-mediaconnect-bridgesource.json
+++ b/schema/aws-mediaconnect-bridgesource.json
@@ -31,6 +31,10 @@
"description": "The network source multicast IP.",
"type": "string"
},
+ "MulticastSourceSettings": {
+ "$ref": "#/definitions/MulticastSourceSettings",
+ "description": "The settings related to the multicast source."
+ },
"NetworkName": {
"description": "The network source's gateway network name.",
"type": "string"
@@ -52,6 +56,17 @@
],
"type": "object"
},
+ "MulticastSourceSettings": {
+ "additionalProperties": false,
+ "description": "The settings related to the multicast source.",
+ "properties": {
+ "MulticastSourceIp": {
+ "description": "The IP address of the source for source-specific multicast (SSM).",
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
"ProtocolEnum": {
"enum": [
"rtp-fec",
diff --git a/schema/aws-mediaconnect-flow.json b/schema/aws-mediaconnect-flow.json
index 175484d..b202c82 100644
--- a/schema/aws-mediaconnect-flow.json
+++ b/schema/aws-mediaconnect-flow.json
@@ -6,6 +6,35 @@
"/properties/Source/Name"
],
"definitions": {
+ "AudioMonitoringSetting": {
+ "additionalProperties": false,
+ "description": "Specifies the configuration for audio stream metrics monitoring.",
+ "properties": {
+ "SilentAudio": {
+ "$ref": "#/definitions/SilentAudio"
+ }
+ },
+ "type": "object"
+ },
+ "BlackFrames": {
+ "additionalProperties": false,
+ "description": "Configures settings for the BlackFrames metric.",
+ "properties": {
+ "State": {
+ "description": "Indicates whether the BlackFrames metric is enabled or disabled.",
+ "enum": [
+ "ENABLED",
+ "DISABLED"
+ ],
+ "type": "string"
+ },
+ "ThresholdSeconds": {
+ "description": "Specifies the number of consecutive seconds of black frames that triggers an event or alert.",
+ "type": "integer"
+ }
+ },
+ "type": "object"
+ },
"Encryption": {
"additionalProperties": false,
"description": "Information about the encryption of the flow.",
@@ -168,6 +197,25 @@
},
"type": "object"
},
+ "FrozenFrames": {
+ "additionalProperties": false,
+ "description": "Configures settings for the FrozenFrames metric.",
+ "properties": {
+ "State": {
+ "description": "Indicates whether the FrozenFrames metric is enabled or disabled.",
+ "enum": [
+ "ENABLED",
+ "DISABLED"
+ ],
+ "type": "string"
+ },
+ "ThresholdSeconds": {
+ "description": "Specifies the number of consecutive seconds of a static image that triggers an event or alert.",
+ "type": "integer"
+ }
+ },
+ "type": "object"
+ },
"GatewayBridgeSource": {
"additionalProperties": false,
"description": "The source configuration for cloud flows receiving a stream from a bridge.",
@@ -350,6 +398,75 @@
],
"type": "object"
},
+ "NdiConfig": {
+ "additionalProperties": false,
+ "description": "Specifies the configuration settings for NDI outputs. Required when the flow includes NDI outputs.",
+ "properties": {
+ "MachineName": {
+ "description": "A prefix for the names of the NDI sources that the flow creates. If a custom name isn't specified, MediaConnect generates a unique 12-character ID as the prefix.",
+ "type": "string"
+ },
+ "NdiDiscoveryServers": {
+ "description": "A list of up to three NDI discovery server configurations. While not required by the API, this configuration is necessary for NDI functionality to work properly.",
+ "items": {
+ "$ref": "#/definitions/NdiDiscoveryServerConfig"
+ },
+ "type": "array"
+ },
+ "NdiState": {
+ "description": "A setting that controls whether NDI outputs can be used in the flow. Must be ENABLED to add NDI outputs. Default is DISABLED.",
+ "enum": [
+ "ENABLED",
+ "DISABLED"
+ ],
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "NdiDiscoveryServerConfig": {
+ "additionalProperties": false,
+ "description": "Specifies the configuration settings for individual NDI discovery servers. A maximum of 3 servers is allowed.",
+ "properties": {
+ "DiscoveryServerAddress": {
+ "description": "The unique network address of the NDI discovery server.",
+ "type": "string"
+ },
+ "DiscoveryServerPort": {
+ "description": "The port for the NDI discovery server. Defaults to 5959 if a custom port isn't specified.",
+ "format": "int32",
+ "type": "integer"
+ },
+ "VpcInterfaceAdapter": {
+ "description": "The identifier for the Virtual Private Cloud (VPC) network interface used by the flow.",
+ "type": "string"
+ }
+ },
+ "required": [
+ "DiscoveryServerAddress",
+ "VpcInterfaceAdapter"
+ ],
+ "type": "object"
+ },
+ "SilentAudio": {
+ "additionalProperties": false,
+ "description": "Configures settings for the SilentAudio metric.",
+ "properties": {
+ "State": {
+ "description": "Indicates whether the SilentAudio metric is enabled or disabled.",
+ "enum": [
+ "ENABLED",
+ "DISABLED"
+ ],
+ "type": "string"
+ },
+ "ThresholdSeconds": {
+ "description": "Specifies the number of consecutive seconds of silence that triggers an event or alert.",
+ "type": "integer"
+ }
+ },
+ "type": "object"
+ },
"Source": {
"additionalProperties": false,
"description": "The settings for the source of the flow.",
@@ -459,6 +576,56 @@
},
"type": "object"
},
+ "SourceMonitoringConfig": {
+ "additionalProperties": false,
+ "description": "The settings for source monitoring.",
+ "properties": {
+ "AudioMonitoringSettings": {
+ "description": "Contains the settings for audio stream metrics monitoring.",
+ "items": {
+ "$ref": "#/definitions/AudioMonitoringSetting"
+ },
+ "type": "array"
+ },
+ "ContentQualityAnalysisState": {
+ "description": "Indicates whether content quality analysis is enabled or disabled.",
+ "enum": [
+ "ENABLED",
+ "DISABLED"
+ ],
+ "type": "string"
+ },
+ "ThumbnailState": {
+ "description": "The state of thumbnail monitoring.",
+ "enum": [
+ "ENABLED",
+ "DISABLED"
+ ],
+ "type": "string"
+ },
+ "VideoMonitoringSettings": {
+ "description": "Contains the settings for video stream metrics monitoring.",
+ "items": {
+ "$ref": "#/definitions/VideoMonitoringSetting"
+ },
+ "type": "array"
+ }
+ },
+ "type": "object"
+ },
+ "VideoMonitoringSetting": {
+ "additionalProperties": false,
+ "description": "Specifies the configuration for video stream metrics monitoring.",
+ "properties": {
+ "BlackFrames": {
+ "$ref": "#/definitions/BlackFrames"
+ },
+ "FrozenFrames": {
+ "$ref": "#/definitions/FrozenFrames"
+ }
+ },
+ "type": "object"
+ },
"VpcInterface": {
"additionalProperties": false,
"description": "The details of a VPC interface.",
@@ -523,13 +690,21 @@
"create": {
"permissions": [
"mediaconnect:CreateFlow",
+ "mediaconnect:AddFlowMediaStreams",
+ "mediaconnect:AddFlowSources",
+ "mediaconnect:AddFlowVpcInterfaces",
"iam:PassRole"
]
},
"delete": {
"permissions": [
"mediaconnect:DescribeFlow",
- "mediaconnect:DeleteFlow"
+ "mediaconnect:DeleteFlow",
+ "mediaconnect:RemoveFlowMediaStream",
+ "mediaconnect:RemoveFlowOutput",
+ "mediaconnect:RemoveFlowSource",
+ "mediaconnect:RemoveFlowVpcInterface",
+ "mediaconnect:RevokeFlowEntitlement"
]
},
"list": {
@@ -575,9 +750,21 @@
"description": "The Availability Zone that you want to create the flow in. These options are limited to the Availability Zones within the current AWS.(ReadOnly)",
"type": "string"
},
+ "FlowNdiMachineName": {
+ "description": "A prefix for the names of the NDI sources that the flow creates.(ReadOnly)",
+ "type": "string"
+ },
+ "FlowSize": {
+ "description": "Determines the processing capacity and feature set of the flow. Set this optional parameter to LARGE if you want to enable NDI outputs on the flow.",
+ "enum": [
+ "MEDIUM",
+ "LARGE"
+ ],
+ "type": "string"
+ },
"Maintenance": {
"$ref": "#/definitions/Maintenance",
- "description": "The maintenance settings you want to use for the flow. "
+ "description": "The maintenance settings you want to use for the flow."
},
"MediaStreams": {
"description": "The media streams associated with the flow. You can associate any of these media streams with sources and outputs on the flow.",
@@ -590,6 +777,10 @@
"description": "The name of the flow.",
"type": "string"
},
+ "NdiConfig": {
+ "$ref": "#/definitions/NdiConfig",
+ "description": "Specifies the configuration settings for NDI outputs. Required when the flow includes NDI outputs."
+ },
"Source": {
"$ref": "#/definitions/Source",
"description": "The source of the flow."
@@ -598,6 +789,10 @@
"$ref": "#/definitions/FailoverConfig",
"description": "The source failover config of the flow."
},
+ "SourceMonitoringConfig": {
+ "$ref": "#/definitions/SourceMonitoringConfig",
+ "description": "The source monitoring config of the flow."
+ },
"VpcInterfaces": {
"description": "The VPC interfaces that you added to this flow.",
"items": {
@@ -614,7 +809,8 @@
"/properties/Source/SourceIngestPort",
"/properties/VpcInterfaces/*/NetworkInterfaceIds",
"/properties/MediaStreams/*/Fmt",
- "/properties/EgressIp"
+ "/properties/EgressIp",
+ "/properties/FlowNdiMachineName"
],
"required": [
"Name",
diff --git a/schema/aws-mediaconnect-flowentitlement.json b/schema/aws-mediaconnect-flowentitlement.json
index 601667b..ce4c6e7 100644
--- a/schema/aws-mediaconnect-flowentitlement.json
+++ b/schema/aws-mediaconnect-flowentitlement.json
@@ -79,7 +79,8 @@
},
"list": {
"permissions": [
- "mediaconnect:DescribeFlow"
+ "mediaconnect:DescribeFlow",
+ "mediaconnect:ListFlows"
]
},
"read": {
diff --git a/schema/aws-mediaconnect-flowoutput.json b/schema/aws-mediaconnect-flowoutput.json
index c850629..95cbccc 100644
--- a/schema/aws-mediaconnect-flowoutput.json
+++ b/schema/aws-mediaconnect-flowoutput.json
@@ -165,7 +165,8 @@
},
"list": {
"permissions": [
- "mediaconnect:DescribeFlow"
+ "mediaconnect:DescribeFlow",
+ "mediaconnect:ListFlows"
]
},
"read": {
@@ -226,6 +227,14 @@
"description": "The name of the output. This value must be unique within the current flow.",
"type": "string"
},
+ "NdiProgramName": {
+ "description": "A suffix for the names of the NDI sources that the flow creates. If a custom name isn't specified, MediaConnect uses the output name.",
+ "type": "string"
+ },
+ "NdiSpeedHqQuality": {
+ "description": "A quality setting for the NDI Speed HQ encoder.",
+ "type": "integer"
+ },
"OutputArn": {
"description": "The ARN of the output.",
"type": "string"
@@ -254,7 +263,8 @@
"srt-listener",
"srt-caller",
"st2110-jpegxs",
- "cdi"
+ "cdi",
+ "ndi-speed-hq"
],
"type": "string"
},
diff --git a/schema/aws-mediaconnect-flowsource.json b/schema/aws-mediaconnect-flowsource.json
index bad2d09..d1fe211 100644
--- a/schema/aws-mediaconnect-flowsource.json
+++ b/schema/aws-mediaconnect-flowsource.json
@@ -109,7 +109,8 @@
},
"list": {
"permissions": [
- "mediaconnect:DescribeFlow"
+ "mediaconnect:DescribeFlow",
+ "mediaconnect:ListFlows"
]
},
"read": {
diff --git a/schema/aws-mediaconvert-queue.json b/schema/aws-mediaconvert-queue.json
index 41f979d..007b413 100644
--- a/schema/aws-mediaconvert-queue.json
+++ b/schema/aws-mediaconvert-queue.json
@@ -11,6 +11,9 @@
"Arn": {
"type": "string"
},
+ "ConcurrentJobs": {
+ "type": "integer"
+ },
"Description": {
"type": "string"
},
diff --git a/schema/aws-medialive-channel.json b/schema/aws-medialive-channel.json
index 1f31bd6..d2300c3 100644
--- a/schema/aws-medialive-channel.json
+++ b/schema/aws-medialive-channel.json
@@ -1,7 +1,8 @@
{
"additionalProperties": false,
"createOnlyProperties": [
- "/properties/Vpc"
+ "/properties/Vpc",
+ "/properties/AnywhereSettings"
],
"definitions": {
"AacSettings": {
@@ -76,6 +77,18 @@
},
"type": "object"
},
+ "AnywhereSettings": {
+ "additionalProperties": false,
+ "properties": {
+ "ChannelPlacementGroupId": {
+ "type": "string"
+ },
+ "ClusterId": {
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
"ArchiveCdnSettings": {
"additionalProperties": false,
"properties": {
@@ -409,6 +422,81 @@
},
"type": "object"
},
+ "Av1ColorSpaceSettings": {
+ "additionalProperties": false,
+ "properties": {
+ "ColorSpacePassthroughSettings": {
+ "$ref": "#/definitions/ColorSpacePassthroughSettings"
+ },
+ "Hdr10Settings": {
+ "$ref": "#/definitions/Hdr10Settings"
+ },
+ "Rec601Settings": {
+ "$ref": "#/definitions/Rec601Settings"
+ },
+ "Rec709Settings": {
+ "$ref": "#/definitions/Rec709Settings"
+ }
+ },
+ "type": "object"
+ },
+ "Av1Settings": {
+ "additionalProperties": false,
+ "properties": {
+ "AfdSignaling": {
+ "type": "string"
+ },
+ "BufSize": {
+ "type": "integer"
+ },
+ "ColorSpaceSettings": {
+ "$ref": "#/definitions/Av1ColorSpaceSettings"
+ },
+ "FixedAfd": {
+ "type": "string"
+ },
+ "FramerateDenominator": {
+ "type": "integer"
+ },
+ "FramerateNumerator": {
+ "type": "integer"
+ },
+ "GopSize": {
+ "type": "number"
+ },
+ "GopSizeUnits": {
+ "type": "string"
+ },
+ "Level": {
+ "type": "string"
+ },
+ "LookAheadRateControl": {
+ "type": "string"
+ },
+ "MaxBitrate": {
+ "type": "integer"
+ },
+ "MinIInterval": {
+ "type": "integer"
+ },
+ "ParDenominator": {
+ "type": "integer"
+ },
+ "ParNumerator": {
+ "type": "integer"
+ },
+ "QvbrQualityLevel": {
+ "type": "integer"
+ },
+ "SceneChangeDetect": {
+ "type": "string"
+ },
+ "TimecodeBurninSettings": {
+ "$ref": "#/definitions/TimecodeBurninSettings"
+ }
+ },
+ "type": "object"
+ },
"AvailBlanking": {
"additionalProperties": false,
"properties": {
@@ -448,6 +536,18 @@
},
"type": "object"
},
+ "BandwidthReductionFilterSettings": {
+ "additionalProperties": false,
+ "properties": {
+ "PostFilterSharpening": {
+ "type": "string"
+ },
+ "Strength": {
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
"BlackoutSlate": {
"additionalProperties": false,
"properties": {
@@ -689,15 +789,42 @@
},
"type": "object"
},
+ "ChannelEngineVersionRequest": {
+ "additionalProperties": false,
+ "properties": {
+ "Version": {
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
"CmafIngestGroupSettings": {
"additionalProperties": false,
"properties": {
"Destination": {
"$ref": "#/definitions/OutputLocationRef"
},
+ "Id3Behavior": {
+ "type": "string"
+ },
+ "Id3NameModifier": {
+ "type": "string"
+ },
+ "KlvBehavior": {
+ "type": "string"
+ },
+ "KlvNameModifier": {
+ "type": "string"
+ },
"NielsenId3Behavior": {
"type": "string"
},
+ "NielsenId3NameModifier": {
+ "type": "string"
+ },
+ "Scte35NameModifier": {
+ "type": "string"
+ },
"Scte35Type": {
"type": "string"
},
@@ -1275,6 +1402,9 @@
"H264FilterSettings": {
"additionalProperties": false,
"properties": {
+ "BandwidthReductionFilterSettings": {
+ "$ref": "#/definitions/BandwidthReductionFilterSettings"
+ },
"TemporalFilterSettings": {
"$ref": "#/definitions/TemporalFilterSettings"
}
@@ -1356,6 +1486,9 @@
"MinIInterval": {
"type": "integer"
},
+ "MinQp": {
+ "type": "integer"
+ },
"NumRefFrames": {
"type": "integer"
},
@@ -1437,6 +1570,9 @@
"H265FilterSettings": {
"additionalProperties": false,
"properties": {
+ "BandwidthReductionFilterSettings": {
+ "$ref": "#/definitions/BandwidthReductionFilterSettings"
+ },
"TemporalFilterSettings": {
"$ref": "#/definitions/TemporalFilterSettings"
}
@@ -1467,6 +1603,9 @@
"ColorSpaceSettings": {
"$ref": "#/definitions/H265ColorSpaceSettings"
},
+ "Deblocking": {
+ "type": "string"
+ },
"FilterSettings": {
"$ref": "#/definitions/H265FilterSettings"
},
@@ -1503,6 +1642,9 @@
"MinIInterval": {
"type": "integer"
},
+ "MinQp": {
+ "type": "integer"
+ },
"MvOverPictureBoundaries": {
"type": "string"
},
@@ -1904,6 +2046,13 @@
},
"InputSettings": {
"$ref": "#/definitions/InputSettings"
+ },
+ "LogicalInterfaceNames": {
+ "items": {
+ "type": "string"
+ },
+ "type": "array",
+ "uniqueItems": false
}
},
"type": "object"
@@ -2273,8 +2422,14 @@
"MediaPackageOutputDestinationSettings": {
"additionalProperties": false,
"properties": {
+ "ChannelGroup": {
+ "type": "string"
+ },
"ChannelId": {
"type": "string"
+ },
+ "ChannelName": {
+ "type": "string"
}
},
"type": "object"
@@ -2460,13 +2615,82 @@
},
"type": "object"
},
+ "MulticastInputSettings": {
+ "additionalProperties": false,
+ "properties": {
+ "SourceIpAddress": {
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "MultiplexContainerSettings": {
+ "additionalProperties": false,
+ "properties": {
+ "MultiplexM2tsSettings": {
+ "$ref": "#/definitions/MultiplexM2tsSettings"
+ }
+ },
+ "type": "object"
+ },
"MultiplexGroupSettings": {
"additionalProperties": false,
"type": "object"
},
+ "MultiplexM2tsSettings": {
+ "additionalProperties": false,
+ "properties": {
+ "AbsentInputAudioBehavior": {
+ "type": "string"
+ },
+ "Arib": {
+ "type": "string"
+ },
+ "AudioBufferModel": {
+ "type": "string"
+ },
+ "AudioFramesPerPes": {
+ "type": "integer"
+ },
+ "AudioStreamType": {
+ "type": "string"
+ },
+ "CcDescriptor": {
+ "type": "string"
+ },
+ "Ebif": {
+ "type": "string"
+ },
+ "EsRateInPes": {
+ "type": "string"
+ },
+ "Klv": {
+ "type": "string"
+ },
+ "NielsenId3Behavior": {
+ "type": "string"
+ },
+ "PcrControl": {
+ "type": "string"
+ },
+ "PcrPeriod": {
+ "type": "integer"
+ },
+ "Scte35Control": {
+ "type": "string"
+ },
+ "Scte35PrerollPullupMilliseconds": {
+ "type": "number"
+ }
+ },
+ "type": "object"
+ },
"MultiplexOutputSettings": {
"additionalProperties": false,
"properties": {
+ "ContainerSettings": {
+ "$ref": "#/definitions/MultiplexContainerSettings"
+ },
"Destination": {
"$ref": "#/definitions/OutputLocationRef"
}
@@ -2491,6 +2715,9 @@
"HlsInputSettings": {
"$ref": "#/definitions/HlsInputSettings"
},
+ "MulticastInputSettings": {
+ "$ref": "#/definitions/MulticastInputSettings"
+ },
"ServerValidation": {
"type": "string"
}
@@ -2605,6 +2832,13 @@
},
"type": "array",
"uniqueItems": false
+ },
+ "SrtSettings": {
+ "items": {
+ "$ref": "#/definitions/SrtOutputDestinationSettings"
+ },
+ "type": "array",
+ "uniqueItems": false
}
},
"type": "object"
@@ -2673,6 +2907,9 @@
"RtmpGroupSettings": {
"$ref": "#/definitions/RtmpGroupSettings"
},
+ "SrtGroupSettings": {
+ "$ref": "#/definitions/SrtGroupSettings"
+ },
"UdpGroupSettings": {
"$ref": "#/definitions/UdpGroupSettings"
}
@@ -2727,6 +2964,9 @@
"RtmpOutputSettings": {
"$ref": "#/definitions/RtmpOutputSettings"
},
+ "SrtOutputSettings": {
+ "$ref": "#/definitions/SrtOutputSettings"
+ },
"UdpOutputSettings": {
"$ref": "#/definitions/UdpOutputSettings"
}
@@ -2894,6 +3134,51 @@
"additionalProperties": false,
"type": "object"
},
+ "SrtGroupSettings": {
+ "additionalProperties": false,
+ "properties": {
+ "InputLossAction": {
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "SrtOutputDestinationSettings": {
+ "additionalProperties": false,
+ "properties": {
+ "EncryptionPassphraseSecretArn": {
+ "type": "string"
+ },
+ "StreamId": {
+ "type": "string"
+ },
+ "Url": {
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "SrtOutputSettings": {
+ "additionalProperties": false,
+ "properties": {
+ "BufferMsec": {
+ "type": "integer"
+ },
+ "ContainerSettings": {
+ "$ref": "#/definitions/UdpContainerSettings"
+ },
+ "Destination": {
+ "$ref": "#/definitions/OutputLocationRef"
+ },
+ "EncryptionType": {
+ "type": "string"
+ },
+ "Latency": {
+ "type": "integer"
+ }
+ },
+ "type": "object"
+ },
"StandardHlsSettings": {
"additionalProperties": false,
"properties": {
@@ -3048,6 +3333,9 @@
"VideoCodecSettings": {
"additionalProperties": false,
"properties": {
+ "Av1Settings": {
+ "$ref": "#/definitions/Av1Settings"
+ },
"FrameCaptureSettings": {
"$ref": "#/definitions/FrameCaptureSettings"
},
@@ -3204,6 +3492,9 @@
"/properties/Id"
],
"properties": {
+ "AnywhereSettings": {
+ "$ref": "#/definitions/AnywhereSettings"
+ },
"Arn": {
"type": "string"
},
@@ -3213,6 +3504,9 @@
"ChannelClass": {
"type": "string"
},
+ "ChannelEngineVersion": {
+ "$ref": "#/definitions/ChannelEngineVersionRequest"
+ },
"Destinations": {
"items": {
"$ref": "#/definitions/OutputDestination"
@@ -3220,6 +3514,9 @@
"type": "array",
"uniqueItems": false
},
+ "DryRun": {
+ "type": "boolean"
+ },
"EncoderSettings": {
"$ref": "#/definitions/EncoderSettings"
},
diff --git a/schema/aws-medialive-channelplacementgroup.json b/schema/aws-medialive-channelplacementgroup.json
new file mode 100644
index 0000000..61cdc23
--- /dev/null
+++ b/schema/aws-medialive-channelplacementgroup.json
@@ -0,0 +1,148 @@
+{
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/ClusterId"
+ ],
+ "definitions": {
+ "ChannelPlacementGroupState": {
+ "description": "The current state of the ChannelPlacementGroupState",
+ "enum": [
+ "UNASSIGNED",
+ "ASSIGNING",
+ "ASSIGNED",
+ "DELETING",
+ "DELETED",
+ "UNASSIGNING"
+ ],
+ "type": "string"
+ },
+ "Tags": {
+ "additionalProperties": false,
+ "description": "A key-value pair to associate with a resource.",
+ "properties": {
+ "Key": {
+ "type": "string"
+ },
+ "Value": {
+ "type": "string"
+ }
+ },
+ "type": "object"
+ }
+ },
+ "description": "Definition of AWS::MediaLive::ChannelPlacementGroup Resource Type",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "medialive:CreateChannelPlacementGroup",
+ "medialive:DescribeChannelPlacementGroup",
+ "medialive:CreateTags",
+ "medialive:ListTagsForResource"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "medialive:DeleteChannelPlacementGroup",
+ "medialive:DescribeChannelPlacementGroup"
+ ]
+ },
+ "list": {
+ "handlerSchema": {
+ "properties": {
+ "ClusterId": {
+ "$ref": "resource-schema.json#/properties/ClusterId"
+ }
+ },
+ "required": [
+ "ClusterId"
+ ]
+ },
+ "permissions": [
+ "medialive:ListChannelPlacementGroups"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "medialive:DescribeChannelPlacementGroup",
+ "medialive:ListTagsForResource"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "medialive:UpdateChannelPlacementGroup",
+ "medialive:DescribeChannelPlacementGroup",
+ "medialive:CreateTags",
+ "medialive:DeleteTags",
+ "medialive:ListTagsForResource"
+ ]
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/Id",
+ "/properties/ClusterId"
+ ],
+ "properties": {
+ "Arn": {
+ "description": "The ARN of the channel placement group.",
+ "type": "string"
+ },
+ "Channels": {
+ "description": "List of channel IDs added to the channel placement group.",
+ "insertionOrder": false,
+ "items": {
+ "type": "string"
+ },
+ "type": "array"
+ },
+ "ClusterId": {
+ "description": "The ID of the cluster the node is on.",
+ "type": "string"
+ },
+ "Id": {
+ "description": "Unique internal identifier.",
+ "type": "string"
+ },
+ "Name": {
+ "description": "The name of the channel placement group.",
+ "type": "string"
+ },
+ "Nodes": {
+ "description": "List of nodes added to the channel placement group",
+ "insertionOrder": false,
+ "items": {
+ "type": "string"
+ },
+ "type": "array"
+ },
+ "State": {
+ "$ref": "#/definitions/ChannelPlacementGroupState"
+ },
+ "Tags": {
+ "description": "A collection of key-value pairs.",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/Tags"
+ },
+ "type": "array"
+ }
+ },
+ "readOnlyProperties": [
+ "/properties/Arn",
+ "/properties/Channels",
+ "/properties/Id",
+ "/properties/State"
+ ],
+ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-medialive.git",
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "medialive:CreateTags",
+ "medialive:DeleteTags"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
+ "typeName": "AWS::MediaLive::ChannelPlacementGroup"
+}
diff --git a/schema/aws-medialive-cloudwatchalarmtemplate.json b/schema/aws-medialive-cloudwatchalarmtemplate.json
new file mode 100644
index 0000000..794be78
--- /dev/null
+++ b/schema/aws-medialive-cloudwatchalarmtemplate.json
@@ -0,0 +1,229 @@
+{
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/Tags"
+ ],
+ "definitions": {
+ "CloudWatchAlarmTemplateComparisonOperator": {
+ "description": "The comparison operator used to compare the specified statistic and the threshold.",
+ "enum": [
+ "GreaterThanOrEqualToThreshold",
+ "GreaterThanThreshold",
+ "LessThanThreshold",
+ "LessThanOrEqualToThreshold"
+ ],
+ "type": "string"
+ },
+ "CloudWatchAlarmTemplateStatistic": {
+ "description": "The statistic to apply to the alarm's metric data.",
+ "enum": [
+ "SampleCount",
+ "Average",
+ "Sum",
+ "Minimum",
+ "Maximum"
+ ],
+ "type": "string"
+ },
+ "CloudWatchAlarmTemplateTargetResourceType": {
+ "description": "The resource type this template should dynamically generate cloudwatch metric alarms for.",
+ "enum": [
+ "CLOUDFRONT_DISTRIBUTION",
+ "MEDIALIVE_MULTIPLEX",
+ "MEDIALIVE_CHANNEL",
+ "MEDIALIVE_INPUT_DEVICE",
+ "MEDIAPACKAGE_CHANNEL",
+ "MEDIAPACKAGE_ORIGIN_ENDPOINT",
+ "MEDIACONNECT_FLOW",
+ "MEDIATAILOR_PLAYBACK_CONFIGURATION",
+ "S3_BUCKET"
+ ],
+ "type": "string"
+ },
+ "CloudWatchAlarmTemplateTreatMissingData": {
+ "description": "Specifies how missing data points are treated when evaluating the alarm's condition.",
+ "enum": [
+ "notBreaching",
+ "breaching",
+ "ignore",
+ "missing"
+ ],
+ "type": "string"
+ },
+ "TagMap": {
+ "additionalProperties": false,
+ "description": "Represents the tags associated with a resource.",
+ "patternProperties": {
+ ".+": {
+ "type": "string"
+ }
+ },
+ "type": "object"
+ }
+ },
+ "description": "Definition of AWS::MediaLive::CloudWatchAlarmTemplate Resource Type",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "medialive:CreateCloudWatchAlarmTemplate",
+ "medialive:GetCloudWatchAlarmTemplate",
+ "medialive:CreateTags"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "medialive:DeleteCloudWatchAlarmTemplate"
+ ]
+ },
+ "list": {
+ "permissions": [
+ "medialive:ListCloudWatchAlarmTemplates"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "medialive:GetCloudWatchAlarmTemplate"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "medialive:UpdateCloudWatchAlarmTemplate",
+ "medialive:GetCloudWatchAlarmTemplate",
+ "medialive:CreateTags",
+ "medialive:DeleteTags"
+ ]
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/Identifier"
+ ],
+ "properties": {
+ "Arn": {
+ "description": "A cloudwatch alarm template's ARN (Amazon Resource Name)",
+ "pattern": "^arn:.+:medialive:.+:cloudwatch-alarm-template:.+$",
+ "type": "string"
+ },
+ "ComparisonOperator": {
+ "$ref": "#/definitions/CloudWatchAlarmTemplateComparisonOperator"
+ },
+ "CreatedAt": {
+ "format": "date-time",
+ "type": "string"
+ },
+ "DatapointsToAlarm": {
+ "default": 0,
+ "description": "The number of datapoints within the evaluation period that must be breaching to trigger the alarm.",
+ "minimum": 1,
+ "type": "number"
+ },
+ "Description": {
+ "description": "A resource's optional description.",
+ "maxLength": 1024,
+ "minLength": 0,
+ "type": "string"
+ },
+ "EvaluationPeriods": {
+ "default": 0,
+ "description": "The number of periods over which data is compared to the specified threshold.",
+ "minimum": 1,
+ "type": "number"
+ },
+ "GroupId": {
+ "description": "A cloudwatch alarm template group's id. AWS provided template groups have ids that start with `aws-`",
+ "maxLength": 11,
+ "minLength": 7,
+ "pattern": "^(aws-)?[0-9]{7}$",
+ "type": "string"
+ },
+ "GroupIdentifier": {
+ "description": "A cloudwatch alarm template group's identifier. Can be either be its id or current name.",
+ "pattern": "^[^\\s]+$",
+ "type": "string"
+ },
+ "Id": {
+ "description": "A cloudwatch alarm template's id. AWS provided templates have ids that start with `aws-`",
+ "maxLength": 11,
+ "minLength": 7,
+ "pattern": "^(aws-)?[0-9]{7}$",
+ "type": "string"
+ },
+ "Identifier": {
+ "type": "string"
+ },
+ "MetricName": {
+ "description": "The name of the metric associated with the alarm. Must be compatible with targetResourceType.",
+ "maxLength": 64,
+ "minLength": 0,
+ "type": "string"
+ },
+ "ModifiedAt": {
+ "format": "date-time",
+ "type": "string"
+ },
+ "Name": {
+ "description": "A resource's name. Names must be unique within the scope of a resource type in a specific region.",
+ "maxLength": 255,
+ "minLength": 1,
+ "pattern": "^[^\\s]+$",
+ "type": "string"
+ },
+ "Period": {
+ "default": 0,
+ "description": "The period, in seconds, over which the specified statistic is applied.",
+ "maximum": 86400,
+ "minimum": 10,
+ "type": "number"
+ },
+ "Statistic": {
+ "$ref": "#/definitions/CloudWatchAlarmTemplateStatistic"
+ },
+ "Tags": {
+ "$ref": "#/definitions/TagMap"
+ },
+ "TargetResourceType": {
+ "$ref": "#/definitions/CloudWatchAlarmTemplateTargetResourceType"
+ },
+ "Threshold": {
+ "default": 0,
+ "description": "The threshold value to compare with the specified statistic.",
+ "type": "number"
+ },
+ "TreatMissingData": {
+ "$ref": "#/definitions/CloudWatchAlarmTemplateTreatMissingData"
+ }
+ },
+ "readOnlyProperties": [
+ "/properties/Arn",
+ "/properties/CreatedAt",
+ "/properties/Id",
+ "/properties/GroupId",
+ "/properties/Identifier",
+ "/properties/ModifiedAt"
+ ],
+ "required": [
+ "ComparisonOperator",
+ "EvaluationPeriods",
+ "MetricName",
+ "Name",
+ "Period",
+ "Statistic",
+ "TargetResourceType",
+ "Threshold",
+ "TreatMissingData"
+ ],
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "medialive:CreateTags",
+ "medialive:DeleteTags"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
+ "typeName": "AWS::MediaLive::CloudWatchAlarmTemplate",
+ "writeOnlyProperties": [
+ "/properties/GroupIdentifier"
+ ]
+}
diff --git a/schema/aws-medialive-cloudwatchalarmtemplategroup.json b/schema/aws-medialive-cloudwatchalarmtemplategroup.json
new file mode 100644
index 0000000..3e2991e
--- /dev/null
+++ b/schema/aws-medialive-cloudwatchalarmtemplategroup.json
@@ -0,0 +1,118 @@
+{
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/Name",
+ "/properties/Tags"
+ ],
+ "definitions": {
+ "TagMap": {
+ "additionalProperties": false,
+ "description": "Represents the tags associated with a resource.",
+ "patternProperties": {
+ ".+": {
+ "type": "string"
+ }
+ },
+ "type": "object"
+ }
+ },
+ "description": "Definition of AWS::MediaLive::CloudWatchAlarmTemplateGroup Resource Type",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "medialive:CreateCloudWatchAlarmTemplateGroup",
+ "medialive:GetCloudWatchAlarmTemplateGroup",
+ "medialive:CreateTags"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "medialive:DeleteCloudWatchAlarmTemplateGroup"
+ ]
+ },
+ "list": {
+ "permissions": [
+ "medialive:ListCloudWatchAlarmTemplateGroups"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "medialive:GetCloudWatchAlarmTemplateGroup"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "medialive:UpdateCloudWatchAlarmTemplateGroup",
+ "medialive:GetCloudWatchAlarmTemplateGroup",
+ "medialive:CreateTags",
+ "medialive:DeleteTags"
+ ]
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/Identifier"
+ ],
+ "properties": {
+ "Arn": {
+ "description": "A cloudwatch alarm template group's ARN (Amazon Resource Name)",
+ "pattern": "^arn:.+:medialive:.+:cloudwatch-alarm-template-group:.+$",
+ "type": "string"
+ },
+ "CreatedAt": {
+ "format": "date-time",
+ "type": "string"
+ },
+ "Description": {
+ "description": "A resource's optional description.",
+ "maxLength": 1024,
+ "minLength": 0,
+ "type": "string"
+ },
+ "Id": {
+ "description": "A cloudwatch alarm template group's id. AWS provided template groups have ids that start with `aws-`",
+ "maxLength": 11,
+ "minLength": 7,
+ "pattern": "^(aws-)?[0-9]{7}$",
+ "type": "string"
+ },
+ "Identifier": {
+ "type": "string"
+ },
+ "ModifiedAt": {
+ "format": "date-time",
+ "type": "string"
+ },
+ "Name": {
+ "description": "A resource's name. Names must be unique within the scope of a resource type in a specific region.",
+ "maxLength": 255,
+ "minLength": 1,
+ "pattern": "^[^\\s]+$",
+ "type": "string"
+ },
+ "Tags": {
+ "$ref": "#/definitions/TagMap"
+ }
+ },
+ "readOnlyProperties": [
+ "/properties/Arn",
+ "/properties/CreatedAt",
+ "/properties/Id",
+ "/properties/Identifier",
+ "/properties/ModifiedAt"
+ ],
+ "required": [
+ "Name"
+ ],
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "medialive:CreateTags",
+ "medialive:DeleteTags"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
+ "typeName": "AWS::MediaLive::CloudWatchAlarmTemplateGroup"
+}
diff --git a/schema/aws-medialive-cluster.json b/schema/aws-medialive-cluster.json
new file mode 100644
index 0000000..403abad
--- /dev/null
+++ b/schema/aws-medialive-cluster.json
@@ -0,0 +1,202 @@
+{
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/ClusterType",
+ "/properties/InstanceRoleArn"
+ ],
+ "definitions": {
+ "ClusterNetworkSettings": {
+ "additionalProperties": false,
+ "description": "On premises settings which will have the interface network mappings and default Output logical interface",
+ "properties": {
+ "DefaultRoute": {
+ "description": "Default value if the customer does not define it in channel Output API",
+ "type": "string"
+ },
+ "InterfaceMappings": {
+ "description": "Network mappings for the cluster",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/InterfaceMapping"
+ },
+ "type": "array"
+ }
+ },
+ "type": "object"
+ },
+ "ClusterState": {
+ "description": "The current state of the Cluster.",
+ "enum": [
+ "CREATING",
+ "CREATE_FAILED",
+ "ACTIVE",
+ "DELETING",
+ "DELETED"
+ ],
+ "type": "string"
+ },
+ "ClusterType": {
+ "description": "The hardware type for the cluster.",
+ "enum": [
+ "ON_PREMISES",
+ "OUTPOSTS_RACK",
+ "OUTPOSTS_SERVER",
+ "EC2"
+ ],
+ "type": "string"
+ },
+ "InterfaceMapping": {
+ "additionalProperties": false,
+ "description": "Network mappings for the cluster",
+ "properties": {
+ "LogicalInterfaceName": {
+ "description": "logical interface name, unique in the list",
+ "type": "string"
+ },
+ "NetworkId": {
+ "description": "Network Id to be associated with the logical interface name, can be duplicated in list",
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "InterfaceNetworkMapping": {
+ "additionalProperties": false,
+ "description": "Network mappings for the cluster",
+ "properties": {
+ "LogicalInterfaceName": {
+ "description": "logical interface name, unique in the list",
+ "type": "string"
+ },
+ "NetworkId": {
+ "description": "Network Id to be associated with the logical interface name, can be duplicated in list",
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "Tags": {
+ "additionalProperties": false,
+ "description": "A key-value pair to associate with a resource.",
+ "properties": {
+ "Key": {
+ "type": "string"
+ },
+ "Value": {
+ "type": "string"
+ }
+ },
+ "type": "object"
+ }
+ },
+ "description": "Definition of AWS::MediaLive::Cluster Resource Type",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "medialive:CreateCluster",
+ "medialive:DescribeCluster",
+ "medialive:CreateTags",
+ "ecs:CreateCluster",
+ "ecs:RegisterTaskDefinition",
+ "ecs:TagResource",
+ "ecs:CreateService",
+ "iam:PassRole",
+ "medialive:ListTagsForResource"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "medialive:DeleteCluster",
+ "medialive:DescribeCluster",
+ "ecs:DeleteService"
+ ]
+ },
+ "list": {
+ "permissions": [
+ "medialive:ListClusters"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "medialive:DescribeCluster",
+ "medialive:ListTagsForResource"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "medialive:UpdateCluster",
+ "medialive:DescribeCluster",
+ "medialive:CreateTags",
+ "medialive:DeleteTags",
+ "medialive:ListTagsForResource"
+ ]
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/Id"
+ ],
+ "properties": {
+ "Arn": {
+ "description": "The ARN of the Cluster.",
+ "pattern": "^arn:.+:medialive:.+:cluster:.+$",
+ "type": "string"
+ },
+ "ChannelIds": {
+ "description": "The MediaLive Channels that are currently running on Nodes in this Cluster.",
+ "insertionOrder": false,
+ "items": {
+ "description": "MediaLive Channel Ids",
+ "type": "string"
+ },
+ "type": "array"
+ },
+ "ClusterType": {
+ "$ref": "#/definitions/ClusterType"
+ },
+ "Id": {
+ "description": "The unique ID of the Cluster.",
+ "type": "string"
+ },
+ "InstanceRoleArn": {
+ "description": "The IAM role your nodes will use.",
+ "pattern": "^arn:.+:iam:.+:role/.+$",
+ "type": "string"
+ },
+ "Name": {
+ "description": "The user-specified name of the Cluster to be created.",
+ "type": "string"
+ },
+ "NetworkSettings": {
+ "$ref": "#/definitions/ClusterNetworkSettings"
+ },
+ "State": {
+ "$ref": "#/definitions/ClusterState"
+ },
+ "Tags": {
+ "description": "A collection of key-value pairs.",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/Tags"
+ },
+ "type": "array"
+ }
+ },
+ "readOnlyProperties": [
+ "/properties/Arn",
+ "/properties/ChannelIds",
+ "/properties/Id",
+ "/properties/State"
+ ],
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "medialive:CreateTags",
+ "medialive:DeleteTags"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
+ "typeName": "AWS::MediaLive::Cluster"
+}
diff --git a/schema/aws-medialive-eventbridgeruletemplate.json b/schema/aws-medialive-eventbridgeruletemplate.json
new file mode 100644
index 0000000..4081129
--- /dev/null
+++ b/schema/aws-medialive-eventbridgeruletemplate.json
@@ -0,0 +1,184 @@
+{
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/Tags"
+ ],
+ "definitions": {
+ "EventBridgeRuleTemplateEventType": {
+ "description": "The type of event to match with the rule.",
+ "enum": [
+ "MEDIALIVE_MULTIPLEX_ALERT",
+ "MEDIALIVE_MULTIPLEX_STATE_CHANGE",
+ "MEDIALIVE_CHANNEL_ALERT",
+ "MEDIALIVE_CHANNEL_INPUT_CHANGE",
+ "MEDIALIVE_CHANNEL_STATE_CHANGE",
+ "MEDIAPACKAGE_INPUT_NOTIFICATION",
+ "MEDIAPACKAGE_KEY_PROVIDER_NOTIFICATION",
+ "MEDIAPACKAGE_HARVEST_JOB_NOTIFICATION",
+ "SIGNAL_MAP_ACTIVE_ALARM",
+ "MEDIACONNECT_ALERT",
+ "MEDIACONNECT_SOURCE_HEALTH",
+ "MEDIACONNECT_OUTPUT_HEALTH",
+ "MEDIACONNECT_FLOW_STATUS_CHANGE"
+ ],
+ "type": "string"
+ },
+ "EventBridgeRuleTemplateTarget": {
+ "additionalProperties": false,
+ "description": "The target to which to send matching events.",
+ "properties": {
+ "Arn": {
+ "description": "Target ARNs must be either an SNS topic or CloudWatch log group.",
+ "maxLength": 2048,
+ "minLength": 1,
+ "pattern": "^arn.+$",
+ "type": "string"
+ }
+ },
+ "required": [
+ "Arn"
+ ],
+ "type": "object"
+ },
+ "TagMap": {
+ "additionalProperties": false,
+ "description": "Represents the tags associated with a resource.",
+ "patternProperties": {
+ ".+": {
+ "description": "Placeholder documentation for __string",
+ "type": "string"
+ }
+ },
+ "type": "object"
+ }
+ },
+ "description": "Definition of AWS::MediaLive::EventBridgeRuleTemplate Resource Type",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "medialive:CreateEventBridgeRuleTemplate",
+ "medialive:GetEventBridgeRuleTemplate",
+ "medialive:CreateTags"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "medialive:DeleteEventBridgeRuleTemplate"
+ ]
+ },
+ "list": {
+ "permissions": [
+ "medialive:ListEventBridgeRuleTemplates"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "medialive:GetEventBridgeRuleTemplate"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "medialive:UpdateEventBridgeRuleTemplate",
+ "medialive:GetEventBridgeRuleTemplate",
+ "medialive:CreateTags",
+ "medialive:DeleteTags"
+ ]
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/Identifier"
+ ],
+ "properties": {
+ "Arn": {
+ "description": "An eventbridge rule template's ARN (Amazon Resource Name)",
+ "pattern": "^arn:.+:medialive:.+:eventbridge-rule-template:.+$",
+ "type": "string"
+ },
+ "CreatedAt": {
+ "description": "Placeholder documentation for __timestampIso8601",
+ "format": "date-time",
+ "type": "string"
+ },
+ "Description": {
+ "description": "A resource's optional description.",
+ "maxLength": 1024,
+ "minLength": 0,
+ "type": "string"
+ },
+ "EventTargets": {
+ "description": "Placeholder documentation for __listOfEventBridgeRuleTemplateTarget",
+ "items": {
+ "$ref": "#/definitions/EventBridgeRuleTemplateTarget"
+ },
+ "type": "array"
+ },
+ "EventType": {
+ "$ref": "#/definitions/EventBridgeRuleTemplateEventType"
+ },
+ "GroupId": {
+ "description": "An eventbridge rule template group's id. AWS provided template groups have ids that start with `aws-`",
+ "maxLength": 11,
+ "minLength": 7,
+ "pattern": "^(aws-)?[0-9]{7}$",
+ "type": "string"
+ },
+ "GroupIdentifier": {
+ "description": "An eventbridge rule template group's identifier. Can be either be its id or current name.",
+ "pattern": "^[^\\s]+$",
+ "type": "string"
+ },
+ "Id": {
+ "description": "An eventbridge rule template's id. AWS provided templates have ids that start with `aws-`",
+ "maxLength": 11,
+ "minLength": 7,
+ "pattern": "^(aws-)?[0-9]{7}$",
+ "type": "string"
+ },
+ "Identifier": {
+ "description": "Placeholder documentation for __string",
+ "type": "string"
+ },
+ "ModifiedAt": {
+ "description": "Placeholder documentation for __timestampIso8601",
+ "format": "date-time",
+ "type": "string"
+ },
+ "Name": {
+ "description": "A resource's name. Names must be unique within the scope of a resource type in a specific region.",
+ "maxLength": 255,
+ "minLength": 1,
+ "pattern": "^[^\\s]+$",
+ "type": "string"
+ },
+ "Tags": {
+ "$ref": "#/definitions/TagMap"
+ }
+ },
+ "readOnlyProperties": [
+ "/properties/Arn",
+ "/properties/CreatedAt",
+ "/properties/GroupId",
+ "/properties/Id",
+ "/properties/Identifier",
+ "/properties/ModifiedAt"
+ ],
+ "required": [
+ "EventType",
+ "Name"
+ ],
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "medialive:CreateTags",
+ "medialive:DeleteTags"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
+ "typeName": "AWS::MediaLive::EventBridgeRuleTemplate",
+ "writeOnlyProperties": [
+ "/properties/GroupIdentifier"
+ ]
+}
diff --git a/schema/aws-medialive-eventbridgeruletemplategroup.json b/schema/aws-medialive-eventbridgeruletemplategroup.json
new file mode 100644
index 0000000..d06ce9e
--- /dev/null
+++ b/schema/aws-medialive-eventbridgeruletemplategroup.json
@@ -0,0 +1,118 @@
+{
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/Name",
+ "/properties/Tags"
+ ],
+ "definitions": {
+ "TagMap": {
+ "additionalProperties": false,
+ "description": "Represents the tags associated with a resource.",
+ "patternProperties": {
+ ".+": {
+ "type": "string"
+ }
+ },
+ "type": "object"
+ }
+ },
+ "description": "Definition of AWS::MediaLive::EventBridgeRuleTemplateGroup Resource Type",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "medialive:CreateEventBridgeRuleTemplateGroup",
+ "medialive:GetEventBridgeRuleTemplateGroup",
+ "medialive:CreateTags"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "medialive:DeleteEventBridgeRuleTemplateGroup"
+ ]
+ },
+ "list": {
+ "permissions": [
+ "medialive:ListEventBridgeRuleTemplateGroups"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "medialive:GetEventBridgeRuleTemplateGroup"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "medialive:UpdateEventBridgeRuleTemplateGroup",
+ "medialive:GetEventBridgeRuleTemplateGroup",
+ "medialive:CreateTags",
+ "medialive:DeleteTags"
+ ]
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/Identifier"
+ ],
+ "properties": {
+ "Arn": {
+ "description": "An eventbridge rule template group's ARN (Amazon Resource Name)",
+ "pattern": "^arn:.+:medialive:.+:eventbridge-rule-template-group:.+$",
+ "type": "string"
+ },
+ "CreatedAt": {
+ "format": "date-time",
+ "type": "string"
+ },
+ "Description": {
+ "description": "A resource's optional description.",
+ "maxLength": 1024,
+ "minLength": 0,
+ "type": "string"
+ },
+ "Id": {
+ "description": "An eventbridge rule template group's id. AWS provided template groups have ids that start with `aws-`",
+ "maxLength": 11,
+ "minLength": 7,
+ "pattern": "^(aws-)?[0-9]{7}$",
+ "type": "string"
+ },
+ "Identifier": {
+ "type": "string"
+ },
+ "ModifiedAt": {
+ "format": "date-time",
+ "type": "string"
+ },
+ "Name": {
+ "description": "A resource's name. Names must be unique within the scope of a resource type in a specific region.",
+ "maxLength": 255,
+ "minLength": 1,
+ "pattern": "^[^\\s]+$",
+ "type": "string"
+ },
+ "Tags": {
+ "$ref": "#/definitions/TagMap"
+ }
+ },
+ "readOnlyProperties": [
+ "/properties/Arn",
+ "/properties/CreatedAt",
+ "/properties/Id",
+ "/properties/Identifier",
+ "/properties/ModifiedAt"
+ ],
+ "required": [
+ "Name"
+ ],
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "medialive:CreateTags",
+ "medialive:DeleteTags"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
+ "typeName": "AWS::MediaLive::EventBridgeRuleTemplateGroup"
+}
diff --git a/schema/aws-medialive-input.json b/schema/aws-medialive-input.json
index a5d32b5..f07da48 100644
--- a/schema/aws-medialive-input.json
+++ b/schema/aws-medialive-input.json
@@ -2,12 +2,26 @@
"additionalProperties": false,
"createOnlyProperties": [
"/properties/Vpc",
- "/properties/Type"
+ "/properties/Type",
+ "/properties/InputNetworkLocation"
],
"definitions": {
"InputDestinationRequest": {
"additionalProperties": false,
"properties": {
+ "Network": {
+ "type": "string"
+ },
+ "NetworkRoutes": {
+ "items": {
+ "$ref": "#/definitions/InputRequestDestinationRoute"
+ },
+ "type": "array",
+ "uniqueItems": false
+ },
+ "StaticIpAddress": {
+ "type": "string"
+ },
"StreamName": {
"type": "string"
}
@@ -23,6 +37,18 @@
},
"type": "object"
},
+ "InputRequestDestinationRoute": {
+ "additionalProperties": false,
+ "properties": {
+ "Cidr": {
+ "type": "string"
+ },
+ "Gateway": {
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
"InputSourceRequest": {
"additionalProperties": false,
"properties": {
@@ -66,6 +92,77 @@
}
},
"type": "object"
+ },
+ "MulticastSettingsCreateRequest": {
+ "additionalProperties": false,
+ "properties": {
+ "Sources": {
+ "items": {
+ "$ref": "#/definitions/MulticastSourceCreateRequest"
+ },
+ "type": "array",
+ "uniqueItems": false
+ }
+ },
+ "type": "object"
+ },
+ "MulticastSourceCreateRequest": {
+ "additionalProperties": false,
+ "properties": {
+ "SourceIp": {
+ "type": "string"
+ },
+ "Url": {
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "SrtCallerDecryptionRequest": {
+ "additionalProperties": false,
+ "properties": {
+ "Algorithm": {
+ "type": "string"
+ },
+ "PassphraseSecretArn": {
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "SrtCallerSourceRequest": {
+ "additionalProperties": false,
+ "properties": {
+ "Decryption": {
+ "$ref": "#/definitions/SrtCallerDecryptionRequest"
+ },
+ "MinimumLatency": {
+ "type": "integer"
+ },
+ "SrtListenerAddress": {
+ "type": "string"
+ },
+ "SrtListenerPort": {
+ "type": "string"
+ },
+ "StreamId": {
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "SrtSettingsRequest": {
+ "additionalProperties": false,
+ "properties": {
+ "SrtCallerSources": {
+ "items": {
+ "$ref": "#/definitions/SrtCallerSourceRequest"
+ },
+ "type": "array",
+ "uniqueItems": false
+ }
+ },
+ "type": "object"
}
},
"description": "Resource Type definition for AWS::MediaLive::Input",
@@ -93,6 +190,9 @@
"type": "array",
"uniqueItems": false
},
+ "InputNetworkLocation": {
+ "type": "string"
+ },
"InputSecurityGroups": {
"items": {
"type": "string"
@@ -107,6 +207,9 @@
"type": "array",
"uniqueItems": false
},
+ "MulticastSettings": {
+ "$ref": "#/definitions/MulticastSettingsCreateRequest"
+ },
"Name": {
"type": "string"
},
@@ -120,6 +223,9 @@
"type": "array",
"uniqueItems": false
},
+ "SrtSettings": {
+ "$ref": "#/definitions/SrtSettingsRequest"
+ },
"Tags": {
"type": "object"
},
diff --git a/schema/aws-medialive-inputsecuritygroup.json b/schema/aws-medialive-inputsecuritygroup.json
index 089370b..6ce9954 100644
--- a/schema/aws-medialive-inputsecuritygroup.json
+++ b/schema/aws-medialive-inputsecuritygroup.json
@@ -1,5 +1,8 @@
{
"additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/Tags"
+ ],
"definitions": {
"InputWhitelistRuleCidr": {
"additionalProperties": false,
@@ -34,8 +37,8 @@
}
},
"readOnlyProperties": [
- "/properties/Arn",
- "/properties/Id"
+ "/properties/Id",
+ "/properties/Arn"
],
"typeName": "AWS::MediaLive::InputSecurityGroup"
}
diff --git a/schema/aws-medialive-multiplex.json b/schema/aws-medialive-multiplex.json
index fd260d2..6772410 100644
--- a/schema/aws-medialive-multiplex.json
+++ b/schema/aws-medialive-multiplex.json
@@ -187,6 +187,10 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-medialive.git",
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "medialive:CreateTags",
+ "medialive:DeleteTags"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-medialive-multiplexprogram.json b/schema/aws-medialive-multiplexprogram.json
index aa6888f..87328dc 100644
--- a/schema/aws-medialive-multiplexprogram.json
+++ b/schema/aws-medialive-multiplexprogram.json
@@ -281,6 +281,9 @@
"type": "string"
}
},
+ "readOnlyProperties": [
+ "/properties/ChannelId"
+ ],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-medialiveprogram.git",
"tagging": {
"taggable": false
diff --git a/schema/aws-medialive-network.json b/schema/aws-medialive-network.json
new file mode 100644
index 0000000..01eec8b
--- /dev/null
+++ b/schema/aws-medialive-network.json
@@ -0,0 +1,169 @@
+{
+ "additionalProperties": false,
+ "definitions": {
+ "IpPool": {
+ "additionalProperties": false,
+ "description": "IP address cidr pool",
+ "properties": {
+ "Cidr": {
+ "description": "IP address cidr pool",
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "NetworkState": {
+ "enum": [
+ "CREATING",
+ "CREATE_FAILED",
+ "ACTIVE",
+ "DELETING",
+ "IDLE",
+ "IN_USE",
+ "UPDATING",
+ "DELETED",
+ "DELETE_FAILED"
+ ],
+ "type": "string"
+ },
+ "Route": {
+ "additionalProperties": false,
+ "properties": {
+ "Cidr": {
+ "description": "Ip address cidr",
+ "type": "string"
+ },
+ "Gateway": {
+ "description": "IP address for the route packet paths",
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "Tags": {
+ "additionalProperties": false,
+ "description": "A key-value pair to associate with a resource.",
+ "properties": {
+ "Key": {
+ "type": "string"
+ },
+ "Value": {
+ "type": "string"
+ }
+ },
+ "type": "object"
+ }
+ },
+ "description": "Resource schema for AWS::MediaLive::Network.",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "medialive:CreateNetwork",
+ "medialive:CreateTags",
+ "medialive:DescribeNetwork",
+ "medialive:ListTagsForResource"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "medialive:DeleteNetwork",
+ "medialive:DescribeNetwork"
+ ]
+ },
+ "list": {
+ "permissions": [
+ "medialive:ListNetworks"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "medialive:DescribeNetwork",
+ "medialive:ListTagsForResource"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "medialive:UpdateNetwork",
+ "medialive:CreateTags",
+ "medialive:DeleteTags",
+ "medialive:DescribeNetwork",
+ "medialive:ListTagsForResource"
+ ]
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/Id"
+ ],
+ "properties": {
+ "Arn": {
+ "description": "The ARN of the Network.",
+ "type": "string"
+ },
+ "AssociatedClusterIds": {
+ "insertionOrder": false,
+ "items": {
+ "description": "Cluster Ids which have this network ID in their Interface Network Mappings",
+ "type": "string"
+ },
+ "type": "array"
+ },
+ "Id": {
+ "description": "The unique ID of the Network.",
+ "type": "string"
+ },
+ "IpPools": {
+ "description": "The list of IP address cidr pools for the network",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/IpPool"
+ },
+ "type": "array"
+ },
+ "Name": {
+ "description": "The user-specified name of the Network to be created.",
+ "type": "string"
+ },
+ "Routes": {
+ "description": "The routes for the network",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/Route"
+ },
+ "type": "array"
+ },
+ "State": {
+ "$ref": "#/definitions/NetworkState",
+ "description": "The current state of the Network."
+ },
+ "Tags": {
+ "description": "A collection of key-value pairs.",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/Tags"
+ },
+ "type": "array"
+ }
+ },
+ "readOnlyProperties": [
+ "/properties/Arn",
+ "/properties/Id",
+ "/properties/State",
+ "/properties/AssociatedClusterIds"
+ ],
+ "required": [
+ "Name",
+ "IpPools"
+ ],
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "medialive:CreateTags",
+ "medialive:DeleteTags"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
+ "typeName": "AWS::MediaLive::Network"
+}
diff --git a/schema/aws-medialive-sdisource.json b/schema/aws-medialive-sdisource.json
new file mode 100644
index 0000000..4e351f0
--- /dev/null
+++ b/schema/aws-medialive-sdisource.json
@@ -0,0 +1,144 @@
+{
+ "additionalProperties": false,
+ "definitions": {
+ "SdiSourceMode": {
+ "description": "The current state of the SdiSource.",
+ "enum": [
+ "QUADRANT",
+ "INTERLEAVE"
+ ],
+ "type": "string"
+ },
+ "SdiSourceState": {
+ "description": "The current state of the SdiSource.",
+ "enum": [
+ "IDLE",
+ "IN_USE",
+ "DELETED"
+ ],
+ "type": "string"
+ },
+ "SdiSourceType": {
+ "description": "The interface mode of the SdiSource.",
+ "enum": [
+ "SINGLE",
+ "QUAD"
+ ],
+ "type": "string"
+ },
+ "Tags": {
+ "additionalProperties": false,
+ "description": "A key-value pair to associate with a resource.",
+ "properties": {
+ "Key": {
+ "type": "string"
+ },
+ "Value": {
+ "type": "string"
+ }
+ },
+ "type": "object"
+ }
+ },
+ "description": "Definition of AWS::MediaLive::SdiSource Resource Type",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "medialive:CreateSdiSource",
+ "medialive:CreateTags",
+ "medialive:DescribeSdiSource",
+ "medialive:ListTagsForResource"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "medialive:DeleteSdiSource",
+ "medialive:DescribeSdiSource"
+ ]
+ },
+ "list": {
+ "permissions": [
+ "medialive:ListSdiSources"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "medialive:DescribeSdiSource",
+ "medialive:ListTagsForResource"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "medialive:UpdateSdiSource",
+ "medialive:DescribeSdiSource",
+ "medialive:CreateTags",
+ "medialive:DeleteTags",
+ "medialive:ListTagsForResource"
+ ]
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/Id"
+ ],
+ "properties": {
+ "Arn": {
+ "description": "The unique arn of the SdiSource.",
+ "type": "string"
+ },
+ "Id": {
+ "description": "The unique identifier of the SdiSource.",
+ "type": "string"
+ },
+ "Inputs": {
+ "description": "The list of inputs currently using this SDI source.",
+ "insertionOrder": false,
+ "items": {
+ "type": "string"
+ },
+ "type": "array"
+ },
+ "Mode": {
+ "$ref": "#/definitions/SdiSourceMode"
+ },
+ "Name": {
+ "description": "The name of the SdiSource.",
+ "type": "string"
+ },
+ "State": {
+ "$ref": "#/definitions/SdiSourceState"
+ },
+ "Tags": {
+ "description": "A collection of key-value pairs.",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/Tags"
+ },
+ "type": "array"
+ },
+ "Type": {
+ "$ref": "#/definitions/SdiSourceType"
+ }
+ },
+ "readOnlyProperties": [
+ "/properties/Id",
+ "/properties/State",
+ "/properties/Arn",
+ "/properties/Inputs"
+ ],
+ "required": [
+ "Name",
+ "Type"
+ ],
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "medialive:CreateTags",
+ "medialive:DeleteTags"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
+ "typeName": "AWS::MediaLive::SdiSource"
+}
diff --git a/schema/aws-medialive-signalmap.json b/schema/aws-medialive-signalmap.json
new file mode 100644
index 0000000..1d558c8
--- /dev/null
+++ b/schema/aws-medialive-signalmap.json
@@ -0,0 +1,424 @@
+{
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/Tags"
+ ],
+ "definitions": {
+ "FailedMediaResourceMap": {
+ "additionalProperties": false,
+ "description": "A map representing an incomplete AWS media workflow as a graph.",
+ "patternProperties": {
+ ".+": {
+ "$ref": "#/definitions/MediaResource"
+ }
+ },
+ "type": "object"
+ },
+ "MediaResource": {
+ "additionalProperties": false,
+ "description": "An AWS resource used in media workflows.",
+ "properties": {
+ "Destinations": {
+ "items": {
+ "$ref": "#/definitions/MediaResourceNeighbor"
+ },
+ "type": "array"
+ },
+ "Name": {
+ "description": "The logical name of an AWS media resource.",
+ "maxLength": 256,
+ "minLength": 0,
+ "type": "string"
+ },
+ "Sources": {
+ "items": {
+ "$ref": "#/definitions/MediaResourceNeighbor"
+ },
+ "type": "array"
+ }
+ },
+ "type": "object"
+ },
+ "MediaResourceMap": {
+ "additionalProperties": false,
+ "description": "A map representing an AWS media workflow as a graph.",
+ "patternProperties": {
+ ".+": {
+ "$ref": "#/definitions/MediaResource"
+ }
+ },
+ "type": "object"
+ },
+ "MediaResourceNeighbor": {
+ "additionalProperties": false,
+ "description": "A direct source or destination neighbor to an AWS media resource.",
+ "properties": {
+ "Arn": {
+ "description": "The ARN of a resource used in AWS media workflows.",
+ "maxLength": 2048,
+ "minLength": 1,
+ "pattern": "^arn.+$",
+ "type": "string"
+ },
+ "Name": {
+ "description": "The logical name of an AWS media resource.",
+ "maxLength": 256,
+ "minLength": 0,
+ "type": "string"
+ }
+ },
+ "required": [
+ "Arn"
+ ],
+ "type": "object"
+ },
+ "MonitorDeployment": {
+ "additionalProperties": false,
+ "description": "Represents the latest monitor deployment of a signal map.",
+ "properties": {
+ "DetailsUri": {
+ "description": "URI associated with a signal map's monitor deployment.",
+ "maxLength": 2048,
+ "minLength": 0,
+ "type": "string"
+ },
+ "ErrorMessage": {
+ "description": "Error message associated with a failed monitor deployment of a signal map.",
+ "maxLength": 2048,
+ "minLength": 0,
+ "type": "string"
+ },
+ "Status": {
+ "$ref": "#/definitions/SignalMapMonitorDeploymentStatus"
+ }
+ },
+ "required": [
+ "Status"
+ ],
+ "type": "object"
+ },
+ "SignalMapMonitorDeploymentStatus": {
+ "description": "A signal map's monitor deployment status.",
+ "enum": [
+ "NOT_DEPLOYED",
+ "DRY_RUN_DEPLOYMENT_COMPLETE",
+ "DRY_RUN_DEPLOYMENT_FAILED",
+ "DRY_RUN_DEPLOYMENT_IN_PROGRESS",
+ "DEPLOYMENT_COMPLETE",
+ "DEPLOYMENT_FAILED",
+ "DEPLOYMENT_IN_PROGRESS",
+ "DELETE_COMPLETE",
+ "DELETE_FAILED",
+ "DELETE_IN_PROGRESS"
+ ],
+ "type": "string"
+ },
+ "SignalMapStatus": {
+ "description": "A signal map's current status which is dependent on its lifecycle actions or associated jobs.",
+ "enum": [
+ "CREATE_IN_PROGRESS",
+ "CREATE_COMPLETE",
+ "CREATE_FAILED",
+ "UPDATE_IN_PROGRESS",
+ "UPDATE_COMPLETE",
+ "UPDATE_REVERTED",
+ "UPDATE_FAILED",
+ "READY",
+ "NOT_READY"
+ ],
+ "type": "string"
+ },
+ "SuccessfulMonitorDeployment": {
+ "additionalProperties": false,
+ "description": "Represents the latest successful monitor deployment of a signal map.",
+ "properties": {
+ "DetailsUri": {
+ "description": "URI associated with a signal map's monitor deployment.",
+ "maxLength": 2048,
+ "minLength": 0,
+ "type": "string"
+ },
+ "Status": {
+ "$ref": "#/definitions/SignalMapMonitorDeploymentStatus"
+ }
+ },
+ "required": [
+ "DetailsUri",
+ "Status"
+ ],
+ "type": "object"
+ },
+ "TagMap": {
+ "additionalProperties": false,
+ "description": "Represents the tags associated with a resource.",
+ "patternProperties": {
+ ".+": {
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "Unit": {
+ "additionalProperties": false,
+ "type": "object"
+ }
+ },
+ "description": "Definition of AWS::MediaLive::SignalMap Resource Type",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "medialive:CreateSignalMap",
+ "medialive:GetSignalMap",
+ "medialive:CreateTags",
+ "medialive:DescribeChannel",
+ "medialive:DescribeInput",
+ "medialive:DescribeInputDevice",
+ "medialive:DescribeInputSecurityGroup",
+ "medialive:DescribeMultiplex",
+ "medialive:DescribeMultiplexProgram",
+ "medialive:ListChannels",
+ "medialive:ListInputDevices",
+ "medialive:ListInputSecurityGroups",
+ "medialive:ListInputs",
+ "medialive:ListMultiplexPrograms",
+ "medialive:ListMultiplexes",
+ "medialive:ListOfferings",
+ "medialive:ListReservations",
+ "medialive:ListTagsForResource",
+ "cloudfront:ListDistributions",
+ "cloudfront:GetDistribution",
+ "ec2:DescribeNetworkInterfaces",
+ "mediaconnect:ListEntitlements",
+ "mediaconnect:ListFlows",
+ "mediaconnect:ListOfferings",
+ "mediaconnect:ListReservations",
+ "mediaconnect:DescribeFlow",
+ "mediapackage:ListChannels",
+ "mediapackage:ListOriginEndpoints",
+ "mediapackage:DescribeChannel",
+ "mediapackage:DescribeOriginEndpoint",
+ "mediapackagev2:ListChannelGroups",
+ "mediapackagev2:ListChannels",
+ "mediapackagev2:ListOriginEndpoints",
+ "mediapackagev2:GetChannelGroup",
+ "mediapackagev2:GetChannel",
+ "mediapackagev2:GetOriginEndpoint",
+ "tag:GetResources"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "medialive:GetSignalMap",
+ "medialive:DeleteSignalMap"
+ ]
+ },
+ "list": {
+ "permissions": [
+ "medialive:ListSignalMaps"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "medialive:GetSignalMap",
+ "tag:GetResources"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "medialive:StartUpdateSignalMap",
+ "medialive:GetSignalMap",
+ "medialive:CreateTags",
+ "medialive:DeleteTags",
+ "medialive:DescribeChannel",
+ "medialive:DescribeInput",
+ "medialive:DescribeInputDevice",
+ "medialive:DescribeInputSecurityGroup",
+ "medialive:DescribeMultiplex",
+ "medialive:DescribeMultiplexProgram",
+ "medialive:ListChannels",
+ "medialive:ListInputDevices",
+ "medialive:ListInputSecurityGroups",
+ "medialive:ListInputs",
+ "medialive:ListMultiplexPrograms",
+ "medialive:ListMultiplexes",
+ "medialive:ListOfferings",
+ "medialive:ListReservations",
+ "medialive:ListTagsForResource",
+ "cloudfront:ListDistributions",
+ "cloudfront:GetDistribution",
+ "ec2:DescribeNetworkInterfaces",
+ "mediaconnect:ListEntitlements",
+ "mediaconnect:ListFlows",
+ "mediaconnect:ListOfferings",
+ "mediaconnect:ListReservations",
+ "mediaconnect:DescribeFlow",
+ "mediapackage:ListChannels",
+ "mediapackage:ListOriginEndpoints",
+ "mediapackage:DescribeChannel",
+ "mediapackage:DescribeOriginEndpoint",
+ "mediapackagev2:ListChannelGroups",
+ "mediapackagev2:ListChannels",
+ "mediapackagev2:ListOriginEndpoints",
+ "mediapackagev2:GetChannelGroup",
+ "mediapackagev2:GetChannel",
+ "mediapackagev2:GetOriginEndpoint",
+ "tag:GetResources"
+ ]
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/Identifier"
+ ],
+ "properties": {
+ "Arn": {
+ "description": "A signal map's ARN (Amazon Resource Name)",
+ "pattern": "^arn:.+:medialive:.+:signal-map:.+$",
+ "type": "string"
+ },
+ "CloudWatchAlarmTemplateGroupIdentifiers": {
+ "items": {
+ "pattern": "^[^\\s]+$",
+ "type": "string"
+ },
+ "type": "array"
+ },
+ "CloudWatchAlarmTemplateGroupIds": {
+ "items": {
+ "maxLength": 11,
+ "minLength": 7,
+ "pattern": "^(aws-)?[0-9]{7}$",
+ "type": "string"
+ },
+ "type": "array"
+ },
+ "CreatedAt": {
+ "format": "date-time",
+ "type": "string"
+ },
+ "Description": {
+ "description": "A resource's optional description.",
+ "maxLength": 1024,
+ "minLength": 0,
+ "type": "string"
+ },
+ "DiscoveryEntryPointArn": {
+ "description": "A top-level supported AWS resource ARN to discovery a signal map from.",
+ "maxLength": 2048,
+ "minLength": 1,
+ "type": "string"
+ },
+ "ErrorMessage": {
+ "description": "Error message associated with a failed creation or failed update attempt of a signal map.",
+ "maxLength": 2048,
+ "minLength": 0,
+ "type": "string"
+ },
+ "EventBridgeRuleTemplateGroupIdentifiers": {
+ "items": {
+ "pattern": "^[^\\s]+$",
+ "type": "string"
+ },
+ "type": "array"
+ },
+ "EventBridgeRuleTemplateGroupIds": {
+ "items": {
+ "maxLength": 11,
+ "minLength": 7,
+ "pattern": "^(aws-)?[0-9]{7}$",
+ "type": "string"
+ },
+ "type": "array"
+ },
+ "FailedMediaResourceMap": {
+ "$ref": "#/definitions/FailedMediaResourceMap"
+ },
+ "ForceRediscovery": {
+ "default": false,
+ "description": "If true, will force a rediscovery of a signal map if an unchanged discoveryEntryPointArn is provided.",
+ "type": "boolean"
+ },
+ "Id": {
+ "description": "A signal map's id.",
+ "maxLength": 11,
+ "minLength": 7,
+ "pattern": "^(aws-)?[0-9]{7}$",
+ "type": "string"
+ },
+ "Identifier": {
+ "type": "string"
+ },
+ "LastDiscoveredAt": {
+ "format": "date-time",
+ "type": "string"
+ },
+ "LastSuccessfulMonitorDeployment": {
+ "$ref": "#/definitions/SuccessfulMonitorDeployment"
+ },
+ "MediaResourceMap": {
+ "$ref": "#/definitions/MediaResourceMap"
+ },
+ "ModifiedAt": {
+ "format": "date-time",
+ "type": "string"
+ },
+ "MonitorChangesPendingDeployment": {
+ "default": false,
+ "description": "If true, there are pending monitor changes for this signal map that can be deployed.",
+ "type": "boolean"
+ },
+ "MonitorDeployment": {
+ "$ref": "#/definitions/MonitorDeployment"
+ },
+ "Name": {
+ "description": "A resource's name. Names must be unique within the scope of a resource type in a specific region.",
+ "maxLength": 255,
+ "minLength": 1,
+ "pattern": "^[^\\s]+$",
+ "type": "string"
+ },
+ "Status": {
+ "$ref": "#/definitions/SignalMapStatus"
+ },
+ "Tags": {
+ "$ref": "#/definitions/TagMap"
+ }
+ },
+ "readOnlyProperties": [
+ "/properties/Arn",
+ "/properties/CloudWatchAlarmTemplateGroupIds",
+ "/properties/CreatedAt",
+ "/properties/ErrorMessage",
+ "/properties/EventBridgeRuleTemplateGroupIds",
+ "/properties/FailedMediaResourceMap",
+ "/properties/Id",
+ "/properties/Identifier",
+ "/properties/LastDiscoveredAt",
+ "/properties/LastSuccessfulMonitorDeployment",
+ "/properties/MediaResourceMap",
+ "/properties/ModifiedAt",
+ "/properties/MonitorChangesPendingDeployment",
+ "/properties/MonitorDeployment",
+ "/properties/Status"
+ ],
+ "required": [
+ "DiscoveryEntryPointArn",
+ "Name"
+ ],
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "medialive:CreateTags",
+ "medialive:DeleteTags"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
+ "typeName": "AWS::MediaLive::SignalMap",
+ "writeOnlyProperties": [
+ "/properties/CloudWatchAlarmTemplateGroupIdentifiers",
+ "/properties/EventBridgeRuleTemplateGroupIdentifiers",
+ "/properties/ForceRediscovery"
+ ]
+}
diff --git a/schema/aws-mediapackage-originendpoint.json b/schema/aws-mediapackage-originendpoint.json
index 1558ac6..8d30412 100644
--- a/schema/aws-mediapackage-originendpoint.json
+++ b/schema/aws-mediapackage-originendpoint.json
@@ -590,6 +590,10 @@
"update": {
"permissions": [
"mediapackage:UpdateOriginEndpoint",
+ "mediapackage:TagResource",
+ "mediapackage:ListTagsForResource",
+ "mediapackage:UntagResource",
+ "mediapackage:DescribeOriginEndpoint",
"iam:PassRole"
]
}
@@ -683,9 +687,13 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git",
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "mediapackage:TagResource",
+ "mediapackage:UntagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
- "tagUpdatable": false,
+ "tagUpdatable": true,
"taggable": true
},
"typeName": "AWS::MediaPackage::OriginEndpoint"
diff --git a/schema/aws-mediapackagev2-channel.json b/schema/aws-mediapackagev2-channel.json
index c5c85ef..178a977 100644
--- a/schema/aws-mediapackagev2-channel.json
+++ b/schema/aws-mediapackagev2-channel.json
@@ -27,6 +27,17 @@
},
"type": "object"
},
+ "InputSwitchConfiguration": {
+ "additionalProperties": false,
+ "description": "The configuration for input switching based on the media quality confidence score (MQCS) as provided from AWS Elemental MediaLive.
",
+ "properties": {
+ "MQCSInputSwitching": {
+ "description": "When true, AWS Elemental MediaPackage performs input switching based on the MQCS. Default is true. This setting is valid only when InputType is CMAF.
",
+ "type": "boolean"
+ }
+ },
+ "type": "object"
+ },
"InputType": {
"enum": [
"HLS",
@@ -34,6 +45,17 @@
],
"type": "string"
},
+ "OutputHeaderConfiguration": {
+ "additionalProperties": false,
+ "description": "The settings for what common media server data (CMSD) headers AWS Elemental MediaPackage includes in responses to the CDN.
",
+ "properties": {
+ "PublishMQCS": {
+ "description": "When true, AWS Elemental MediaPackage includes the MQCS in responses to the CDN. This setting is valid only when InputType is CMAF.
",
+ "type": "boolean"
+ }
+ },
+ "type": "object"
+ },
"Tag": {
"additionalProperties": false,
"properties": {
@@ -134,6 +156,9 @@
},
"type": "array"
},
+ "InputSwitchConfiguration": {
+ "$ref": "#/definitions/InputSwitchConfiguration"
+ },
"InputType": {
"$ref": "#/definitions/InputType"
},
@@ -142,6 +167,9 @@
"format": "date-time",
"type": "string"
},
+ "OutputHeaderConfiguration": {
+ "$ref": "#/definitions/OutputHeaderConfiguration"
+ },
"Tags": {
"insertionOrder": false,
"items": {
@@ -164,6 +192,11 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-mediapackagev2",
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "mediapackagev2:TagResource",
+ "mediapackagev2:UntagResource",
+ "mediapackagev2:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-mediapackagev2-channelgroup.json b/schema/aws-mediapackagev2-channelgroup.json
index 24d9534..478bb3b 100644
--- a/schema/aws-mediapackagev2-channelgroup.json
+++ b/schema/aws-mediapackagev2-channelgroup.json
@@ -109,6 +109,11 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-mediapackagev2",
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "mediapackagev2:TagResource",
+ "mediapackagev2:UntagResource",
+ "mediapackagev2:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-mediapackagev2-originendpoint.json b/schema/aws-mediapackagev2-originendpoint.json
index d91e30a..eba923e 100644
--- a/schema/aws-mediapackagev2-originendpoint.json
+++ b/schema/aws-mediapackagev2-originendpoint.json
@@ -150,7 +150,8 @@
"CLEAR_KEY_AES_128",
"FAIRPLAY",
"PLAYREADY",
- "WIDEVINE"
+ "WIDEVINE",
+ "IRDETO"
],
"type": "string"
},
@@ -227,6 +228,11 @@
"additionalProperties": false,
"description": "Filter configuration includes settings for manifest filtering, start and end times, and time delay that apply to all of your egress requests for this manifest.
",
"properties": {
+ "ClipStartTime": {
+ "description": "Optionally specify the clip start time for all of your manifest egress requests. When you include clip start time, note that you cannot use clip start time query parameters for this manifest's endpoint URL.
",
+ "format": "date-time",
+ "type": "string"
+ },
"End": {
"description": "Optionally specify the end time for all of your manifest egress requests. When you include end time, note that you cannot use end time query parameters for this manifest's endpoint URL.
",
"format": "date-time",
@@ -257,7 +263,7 @@
"description": "The failover settings for the endpoint.
",
"properties": {
"EndpointErrorConditions": {
- "description": "The failover settings for the endpoint. The options are:
\n \n - \n
\n STALE_MANIFEST - The manifest stalled and there a no new segments or parts.
\n \n - \n
\n INCOMPLETE_MANIFEST - There is a gap in the manifest.
\n \n - \n
\n MISSING_DRM_KEY - Key rotation is enabled but we're unable to fetch the key for the current key period.
\n \n
",
+ "description": "The failover conditions for the endpoint. The options are:
\n \n - \n
\n STALE_MANIFEST - The manifest stalled and there are no new segments or parts.
\n \n - \n
\n INCOMPLETE_MANIFEST - There is a gap in the manifest.
\n \n - \n
\n MISSING_DRM_KEY - Key rotation is enabled but we're unable to fetch the key for the current key period.
\n \n - \n
\n SLATE_INPUT - The segments which contain slate content are considered to be missing content.
\n \n
",
"items": {
"$ref": "#/definitions/EndpointErrorCondition"
},
@@ -292,15 +298,22 @@
"type": "integer"
},
"ProgramDateTimeIntervalSeconds": {
- "description": "Inserts EXT-X-PROGRAM-DATE-TIME tags in the output manifest at the interval that you specify. If you don't enter an interval, \n EXT-X-PROGRAM-DATE-TIME tags aren't included in the manifest. \n The tags sync the stream to the wall clock so that viewers can seek to a specific time in the playback timeline on the player. \n ID3Timed metadata messages generate every 5 seconds whenever the content is ingested.
\n Irrespective of this parameter, if any ID3Timed metadata is in the HLS input, it is passed through to the HLS output.
",
+ "description": "Inserts EXT-X-PROGRAM-DATE-TIME tags in the output manifest at the interval that you specify. If you don't enter an interval,\n EXT-X-PROGRAM-DATE-TIME tags aren't included in the manifest.\n The tags sync the stream to the wall clock so that viewers can seek to a specific time in the playback timeline on the player.
\n Irrespective of this parameter, if any ID3Timed metadata is in the HLS input, it is passed through to the HLS output.
",
"type": "integer"
},
"ScteHls": {
"$ref": "#/definitions/ScteHls"
},
+ "StartTag": {
+ "$ref": "#/definitions/StartTag"
+ },
"Url": {
"description": "The egress domain URL for stream delivery from MediaPackage.
",
"type": "string"
+ },
+ "UrlEncodeChildManifest": {
+ "description": "When enabled, MediaPackage URL-encodes the query string for API requests for HLS child manifests to comply with Amazon Web Services Signature Version 4 (SigV4) signature signing protocol.\n For more information, see Amazon Web Services Signature Version 4 for API requests in Identity and Access Management User Guide.
",
+ "type": "boolean"
}
},
"required": [
@@ -334,15 +347,22 @@
"type": "integer"
},
"ProgramDateTimeIntervalSeconds": {
- "description": "Inserts EXT-X-PROGRAM-DATE-TIME tags in the output manifest at the interval that you specify. If you don't enter an interval, \n EXT-X-PROGRAM-DATE-TIME tags aren't included in the manifest. \n The tags sync the stream to the wall clock so that viewers can seek to a specific time in the playback timeline on the player. \n ID3Timed metadata messages generate every 5 seconds whenever the content is ingested.
\n Irrespective of this parameter, if any ID3Timed metadata is in the HLS input, it is passed through to the HLS output.
",
+ "description": "Inserts EXT-X-PROGRAM-DATE-TIME tags in the output manifest at the interval that you specify. If you don't enter an interval,\n EXT-X-PROGRAM-DATE-TIME tags aren't included in the manifest.\n The tags sync the stream to the wall clock so that viewers can seek to a specific time in the playback timeline on the player.
\n Irrespective of this parameter, if any ID3Timed metadata is in the HLS input, it is passed through to the HLS output.
",
"type": "integer"
},
"ScteHls": {
"$ref": "#/definitions/ScteHls"
},
+ "StartTag": {
+ "$ref": "#/definitions/StartTag"
+ },
"Url": {
"description": "The egress domain URL for stream delivery from MediaPackage.
",
"type": "string"
+ },
+ "UrlEncodeChildManifest": {
+ "description": "When enabled, MediaPackage URL-encodes the query string for API requests for LL-HLS child manifests to comply with Amazon Web Services Signature Version 4 (SigV4) signature signing protocol.\n For more information, see Amazon Web Services Signature Version 4 for API requests in Identity and Access Management User Guide.
",
+ "type": "boolean"
}
},
"required": [
@@ -508,6 +528,24 @@
],
"type": "object"
},
+ "StartTag": {
+ "additionalProperties": false,
+ "description": "To insert an EXT-X-START tag in your HLS playlist, specify a StartTag configuration object with a valid TimeOffset. When you do, you can also optionally specify whether to include a PRECISE value in the EXT-X-START tag.
",
+ "properties": {
+ "Precise": {
+ "description": "Specify the value for PRECISE within your EXT-X-START tag. Leave blank, or choose false, to use the default value NO. Choose yes to use the value YES.
",
+ "type": "boolean"
+ },
+ "TimeOffset": {
+ "description": "Specify the value for TIME-OFFSET within your EXT-X-START tag. Enter a signed floating point value which, if positive, must be less than the configured manifest duration minus three times the configured segment target duration. If negative, the absolute value must be larger than three times the configured segment target duration, and the absolute value must be smaller than the configured manifest duration.
",
+ "type": "number"
+ }
+ },
+ "required": [
+ "TimeOffset"
+ ],
+ "type": "object"
+ },
"Tag": {
"additionalProperties": false,
"properties": {
@@ -694,11 +732,17 @@
"required": [
"ChannelGroupName",
"ChannelName",
- "OriginEndpointName"
+ "OriginEndpointName",
+ "ContainerType"
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-mediapackagev2",
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "mediapackagev2:TagResource",
+ "mediapackagev2:UntagResource",
+ "mediapackagev2:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-memorydb-acl.json b/schema/aws-memorydb-acl.json
index a9572dd..fb0b282 100644
--- a/schema/aws-memorydb-acl.json
+++ b/schema/aws-memorydb-acl.json
@@ -36,7 +36,8 @@
"memorydb:CreateACL",
"memorydb:DescribeACLs",
"memorydb:TagResource",
- "memorydb:ListTags"
+ "memorydb:ListTags",
+ "iam:CreateServiceLinkedRole"
]
},
"delete": {
@@ -114,6 +115,17 @@
"ACLName"
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-memorydb",
- "taggable": true,
+ "tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "memorydb:TagResource",
+ "memorydb:ListTags",
+ "memorydb:UntagResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
"typeName": "AWS::MemoryDB::ACL"
}
diff --git a/schema/aws-memorydb-cluster.json b/schema/aws-memorydb-cluster.json
index 4858a77..1791b73 100644
--- a/schema/aws-memorydb-cluster.json
+++ b/schema/aws-memorydb-cluster.json
@@ -8,7 +8,9 @@
"/properties/Port",
"/properties/SubnetGroupName",
"/properties/SnapshotArns",
- "/properties/SnapshotName"
+ "/properties/MultiRegionClusterName",
+ "/properties/SnapshotName",
+ "/properties/NetworkType"
],
"definitions": {
"DataTieringStatus": {
@@ -32,6 +34,21 @@
},
"type": "object"
},
+ "SupportedIpDiscoveryTypes": {
+ "enum": [
+ "ipv4",
+ "ipv6"
+ ],
+ "type": "string"
+ },
+ "SupportedNetworkTypes": {
+ "enum": [
+ "ipv4",
+ "ipv6",
+ "dual_stack"
+ ],
+ "type": "string"
+ },
"Tag": {
"additionalProperties": false,
"description": "A key-value pair to associate with a resource.",
@@ -62,10 +79,15 @@
"handlers": {
"create": {
"permissions": [
+ "kms:DescribeKey",
+ "kms:CreateGrant",
"memorydb:CreateCluster",
"memorydb:DescribeClusters",
- "memorydb:ListTags"
- ]
+ "memorydb:TagResource",
+ "memorydb:ListTags",
+ "iam:CreateServiceLinkedRole"
+ ],
+ "timeoutInMinutes": 720
},
"delete": {
"permissions": [
@@ -91,7 +113,8 @@
"memorydb:ListTags",
"memorydb:TagResource",
"memorydb:UntagResource"
- ]
+ ],
+ "timeoutInMinutes": 2160
}
},
"primaryIdentifier": [
@@ -129,6 +152,10 @@
"description": "An optional description of the cluster.",
"type": "string"
},
+ "Engine": {
+ "description": "The engine type used by the cluster.",
+ "type": "string"
+ },
"EngineVersion": {
"description": "The Redis engine version used by the cluster.",
"type": "string"
@@ -137,6 +164,11 @@
"description": "The user-supplied name of a final cluster snapshot. This is the unique name that identifies the snapshot. MemoryDB creates the snapshot, and then deletes the cluster immediately afterward.",
"type": "string"
},
+ "IpDiscovery": {
+ "$ref": "#/definitions/SupportedIpDiscoveryTypes",
+ "description": "For clusters wth dual stack NetworkType, IpDiscovery controls the Ip protocol (ipv4 or ipv6) returned by the engine commands such as `cluster info` and `cluster nodes` which are used by clients to connect to the nodes in the cluster.",
+ "type": "object"
+ },
"KmsKeyId": {
"description": "The ID of the KMS key used to encrypt the cluster.",
"type": "string"
@@ -145,6 +177,15 @@
"description": "Specifies the weekly time range during which maintenance on the cluster is performed. It is specified as a range in the format ddd:hh24:mi-ddd:hh24:mi (24H Clock UTC). The minimum maintenance window is a 60 minute period.",
"type": "string"
},
+ "MultiRegionClusterName": {
+ "description": "The name of the Global Datastore, it is generated by MemoryDB adding a prefix to MultiRegionClusterNameSuffix.",
+ "type": "string"
+ },
+ "NetworkType": {
+ "$ref": "#/definitions/SupportedNetworkTypes",
+ "description": "Must be either ipv4 | ipv6 | dual_stack.",
+ "type": "object"
+ },
"NodeType": {
"description": "The compute and memory capacity of the nodes in the cluster.",
"type": "string"
@@ -243,11 +284,23 @@
"ACLName"
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-memorydb",
- "taggable": true,
+ "tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "memorydb:TagResource",
+ "memorydb:ListTags",
+ "memorydb:UntagResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
"typeName": "AWS::MemoryDB::Cluster",
"writeOnlyProperties": [
"/properties/SnapshotArns",
"/properties/SnapshotName",
+ "/properties/MultiRegionClusterName",
"/properties/FinalSnapshotName"
]
}
diff --git a/schema/aws-memorydb-multiregioncluster.json b/schema/aws-memorydb-multiregioncluster.json
new file mode 100644
index 0000000..63e430c
--- /dev/null
+++ b/schema/aws-memorydb-multiregioncluster.json
@@ -0,0 +1,170 @@
+{
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/MultiRegionClusterNameSuffix",
+ "/properties/EngineVersion",
+ "/properties/MultiRegionParameterGroupName",
+ "/properties/TLSEnabled"
+ ],
+ "definitions": {
+ "Tag": {
+ "additionalProperties": false,
+ "description": "A key-value pair to associate with a resource.",
+ "properties": {
+ "Key": {
+ "description": "The key for the tag. May not be null.",
+ "maxLength": 128,
+ "minLength": 1,
+ "pattern": "^(?!aws:)(?!memorydb:)[a-zA-Z0-9 _\\.\\/=+:\\-@]{1,128}$",
+ "type": "string"
+ },
+ "Value": {
+ "description": "The tag's value. May be null.",
+ "maxLength": 256,
+ "minLength": 1,
+ "pattern": "^(?!aws:)(?!memorydb:)[a-zA-Z0-9 _\\.\\/=+:\\-@]{1,256}$",
+ "type": "string"
+ }
+ },
+ "required": [
+ "Key",
+ "Value"
+ ],
+ "type": "object"
+ }
+ },
+ "description": "The AWS::MemoryDB::Multi Region Cluster resource creates an Amazon MemoryDB Multi Region Cluster.",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "memorydb:CreateMultiRegionCluster",
+ "memorydb:DescribeMultiRegionClusters",
+ "memorydb:TagResource",
+ "memorydb:ListTags",
+ "iam:CreateServiceLinkedRole"
+ ],
+ "timeoutInMinutes": 2160
+ },
+ "delete": {
+ "permissions": [
+ "memorydb:DeleteMultiRegionCluster",
+ "memorydb:DescribeMultiRegionClusters"
+ ]
+ },
+ "list": {
+ "permissions": [
+ "memorydb:DescribeMultiRegionClusters"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "memorydb:DescribeMultiRegionClusters",
+ "memorydb:ListTags"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "memorydb:UpdateMultiRegionCluster",
+ "memorydb:DescribeMultiRegionClusters",
+ "memorydb:ListTags",
+ "memorydb:TagResource",
+ "memorydb:UntagResource"
+ ],
+ "timeoutInMinutes": 2160
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/MultiRegionClusterName"
+ ],
+ "properties": {
+ "ARN": {
+ "description": "The Amazon Resource Name (ARN) of the multi region cluster.",
+ "type": "string"
+ },
+ "Description": {
+ "description": "Description of the multi region cluster.",
+ "type": "string"
+ },
+ "Engine": {
+ "description": "The engine type used by the multi region cluster.",
+ "type": "string"
+ },
+ "EngineVersion": {
+ "description": "The Redis engine version used by the multi region cluster.",
+ "type": "string"
+ },
+ "MultiRegionClusterName": {
+ "description": "The name of the Global Datastore, it is generated by MemoryDB adding a prefix to MultiRegionClusterNameSuffix.",
+ "type": "string"
+ },
+ "MultiRegionClusterNameSuffix": {
+ "description": "The name of the Multi Region cluster. This value must be unique as it also serves as the multi region cluster identifier.",
+ "pattern": "[a-z][a-z0-9\\-]*",
+ "type": "string"
+ },
+ "MultiRegionParameterGroupName": {
+ "description": "The name of the parameter group associated with the multi region cluster.",
+ "type": "string"
+ },
+ "NodeType": {
+ "description": "The compute and memory capacity of the nodes in the multi region cluster.",
+ "type": "string"
+ },
+ "NumShards": {
+ "description": "The number of shards the multi region cluster will contain.",
+ "type": "integer"
+ },
+ "Status": {
+ "description": "The status of the multi region cluster. For example, Available, Updating, Creating.",
+ "type": "string"
+ },
+ "TLSEnabled": {
+ "description": "A flag that enables in-transit encryption when set to true.\n\nYou cannot modify the value of TransitEncryptionEnabled after the cluster is created. To enable in-transit encryption on a cluster you must set TransitEncryptionEnabled to true when you create a cluster.",
+ "type": "boolean"
+ },
+ "Tags": {
+ "description": "An array of key-value pairs to apply to this multi region cluster.",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/Tag"
+ },
+ "maxItems": 50,
+ "type": "array",
+ "uniqueItems": true
+ },
+ "UpdateStrategy": {
+ "description": "An enum string value that determines the update strategy for scaling. Possible values are 'COORDINATED' and 'UNCOORDINATED'. Default is 'COORDINATED'.",
+ "enum": [
+ "COORDINATED",
+ "UNCOORDINATED"
+ ],
+ "type": "string"
+ }
+ },
+ "readOnlyProperties": [
+ "/properties/MultiRegionClusterName",
+ "/properties/Status",
+ "/properties/ARN"
+ ],
+ "required": [
+ "NodeType"
+ ],
+ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-memorydb",
+ "tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "memorydb:TagResource",
+ "memorydb:ListTags",
+ "memorydb:UntagResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
+ "typeName": "AWS::MemoryDB::MultiRegionCluster",
+ "writeOnlyProperties": [
+ "/properties/MultiRegionClusterNameSuffix",
+ "/properties/UpdateStrategy"
+ ]
+}
diff --git a/schema/aws-memorydb-parametergroup.json b/schema/aws-memorydb-parametergroup.json
index 1701d04..569392e 100644
--- a/schema/aws-memorydb-parametergroup.json
+++ b/schema/aws-memorydb-parametergroup.json
@@ -39,7 +39,8 @@
"memorydb:CreateParameterGroup",
"memorydb:DescribeParameterGroups",
"memorydb:TagResource",
- "memorydb:ListTags"
+ "memorydb:ListTags",
+ "iam:CreateServiceLinkedRole"
]
},
"delete": {
@@ -113,7 +114,18 @@
"Family"
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-memorydb",
- "taggable": true,
+ "tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "memorydb:TagResource",
+ "memorydb:ListTags",
+ "memorydb:UntagResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
"typeName": "AWS::MemoryDB::ParameterGroup",
"writeOnlyProperties": [
"/properties/Parameters"
diff --git a/schema/aws-memorydb-subnetgroup.json b/schema/aws-memorydb-subnetgroup.json
index bc5c638..a5827cd 100644
--- a/schema/aws-memorydb-subnetgroup.json
+++ b/schema/aws-memorydb-subnetgroup.json
@@ -37,7 +37,8 @@
"memorydb:CreateSubnetGroup",
"memorydb:DescribeSubnetGroups",
"memorydb:TagResource",
- "memorydb:ListTags"
+ "memorydb:ListTags",
+ "iam:CreateServiceLinkedRole"
]
},
"delete": {
@@ -93,6 +94,15 @@
"type": "array",
"uniqueItems": true
},
+ "SupportedNetworkTypes": {
+ "description": "Supported network types would be a list of network types supported by subnet group and can be either [ipv4] or [ipv4, dual_stack] or [ipv6].",
+ "insertionOrder": false,
+ "items": {
+ "type": "string"
+ },
+ "type": "array",
+ "uniqueItems": true
+ },
"Tags": {
"description": "An array of key-value pairs to apply to this subnet group.",
"insertionOrder": false,
@@ -105,13 +115,25 @@
}
},
"readOnlyProperties": [
- "/properties/ARN"
+ "/properties/ARN",
+ "/properties/SupportedNetworkTypes"
],
"required": [
"SubnetGroupName",
"SubnetIds"
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-memorydb",
- "taggable": true,
+ "tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "memorydb:TagResource",
+ "memorydb:ListTags",
+ "memorydb:UntagResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
"typeName": "AWS::MemoryDB::SubnetGroup"
}
diff --git a/schema/aws-memorydb-user.json b/schema/aws-memorydb-user.json
index 5897714..7577261 100644
--- a/schema/aws-memorydb-user.json
+++ b/schema/aws-memorydb-user.json
@@ -36,7 +36,8 @@
"memorydb:CreateUser",
"memorydb:DescribeUsers",
"memorydb:TagResource",
- "memorydb:ListTags"
+ "memorydb:ListTags",
+ "iam:CreateServiceLinkedRole"
]
},
"delete": {
@@ -133,7 +134,18 @@
"UserName"
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-memorydb",
- "taggable": true,
+ "tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "memorydb:TagResource",
+ "memorydb:ListTags",
+ "memorydb:UntagResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
"typeName": "AWS::MemoryDB::User",
"writeOnlyProperties": [
"/properties/AuthenticationMode",
diff --git a/schema/aws-msk-cluster.json b/schema/aws-msk-cluster.json
index a04a927..9bea92f 100644
--- a/schema/aws-msk-cluster.json
+++ b/schema/aws-msk-cluster.json
@@ -608,6 +608,11 @@
],
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "kafka:TagResource",
+ "kafka:UntagResource",
+ "kafka:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-msk-replicator.json b/schema/aws-msk-replicator.json
index b12ef8e..b6ea7d4 100644
--- a/schema/aws-msk-replicator.json
+++ b/schema/aws-msk-replicator.json
@@ -10,7 +10,11 @@
"/properties/Description",
"/properties/KafkaClusters",
"/properties/ServiceExecutionRoleArn",
- "/properties/ReplicationInfoList/-/TopicReplication/StartingPosition/Type"
+ "/properties/ReplicationInfoList/*/SourceKafkaClusterArn",
+ "/properties/ReplicationInfoList/*/TargetKafkaClusterArn",
+ "/properties/ReplicationInfoList/*/TargetCompressionType",
+ "/properties/ReplicationInfoList/*/TopicReplication/StartingPosition",
+ "/properties/ReplicationInfoList/*/TopicReplication/TopicNameConfiguration"
],
"definitions": {
"AmazonMskCluster": {
@@ -183,6 +187,25 @@
],
"type": "string"
},
+ "ReplicationTopicNameConfiguration": {
+ "additionalProperties": false,
+ "description": "Configuration for specifying replicated topic names should be the same as their corresponding upstream topics or prefixed with source cluster alias.",
+ "properties": {
+ "Type": {
+ "$ref": "#/definitions/ReplicationTopicNameConfigurationType"
+ }
+ },
+ "required": [],
+ "type": "object"
+ },
+ "ReplicationTopicNameConfigurationType": {
+ "description": "The type of replicated topic name.",
+ "enum": [
+ "PREFIXED_WITH_SOURCE_CLUSTER_ALIAS",
+ "IDENTICAL"
+ ],
+ "type": "string"
+ },
"Tag": {
"additionalProperties": false,
"properties": {
@@ -221,6 +244,10 @@
"$ref": "#/definitions/ReplicationStartingPosition",
"description": "Configuration for specifying the position in the topics to start replicating from."
},
+ "TopicNameConfiguration": {
+ "$ref": "#/definitions/ReplicationTopicNameConfiguration",
+ "description": "Configuration for specifying replicated topic names should be the same as their corresponding upstream topics or prefixed with source cluster alias."
+ },
"TopicsToExclude": {
"description": "List of regular expression patterns indicating the topics that should not be replicated.",
"insertionOrder": false,
@@ -363,7 +390,8 @@
}
},
"readOnlyProperties": [
- "/properties/ReplicatorArn"
+ "/properties/ReplicatorArn",
+ "/properties/CurrentVersion"
],
"required": [
"ReplicatorName",
@@ -374,6 +402,11 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-msk-replicator.git",
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "kafka:UntagResource",
+ "kafka:ListTagsForResource",
+ "kafka:TagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-msk-serverlesscluster.json b/schema/aws-msk-serverlesscluster.json
index c5acdc8..4f24ff7 100644
--- a/schema/aws-msk-serverlesscluster.json
+++ b/schema/aws-msk-serverlesscluster.json
@@ -149,6 +149,11 @@
],
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "kafka:TagResource",
+ "kafka:UntagResource",
+ "kafka:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": false,
diff --git a/schema/aws-msk-vpcconnection.json b/schema/aws-msk-vpcconnection.json
index b3b0e0b..74de640 100644
--- a/schema/aws-msk-vpcconnection.json
+++ b/schema/aws-msk-vpcconnection.json
@@ -152,6 +152,11 @@
],
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "kafka:TagResource",
+ "kafka:UntagResource",
+ "kafka:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-mwaa-environment.json b/schema/aws-mwaa-environment.json
index e74a78c..b96676d 100644
--- a/schema/aws-mwaa-environment.json
+++ b/schema/aws-mwaa-environment.json
@@ -195,7 +195,7 @@
},
"MaxWebservers": {
"description": "Maximum webserver compute units.",
- "minimum": 2,
+ "minimum": 1,
"type": "integer"
},
"MaxWorkers": {
@@ -205,7 +205,7 @@
},
"MinWebservers": {
"description": "Minimum webserver compute units.",
- "minimum": 2,
+ "minimum": 1,
"type": "integer"
},
"MinWorkers": {
@@ -368,12 +368,40 @@
"handlers": {
"create": {
"permissions": [
- "airflow:CreateEnvironment"
+ "airflow:GetEnvironment",
+ "airflow:CreateEnvironment",
+ "airflow:TagResource",
+ "airflow:UntagResource",
+ "iam:PassRole",
+ "iam:ListRoles",
+ "iam:CreatePolicy",
+ "iam:AttachRolePolicy",
+ "iam:CreateRole",
+ "iam:CreateServiceLinkedRole",
+ "s3:GetBucketLocation",
+ "s3:ListAllMyBuckets",
+ "s3:ListBucket",
+ "s3:ListBucketVersions",
+ "s3:CreateBucket",
+ "s3:PutObject",
+ "s3:GetEncryptionConfiguration",
+ "ec2:DescribeSecurityGroups",
+ "ec2:DescribeSubnets",
+ "ec2:DescribeVpcs",
+ "ec2:DescribeRouteTables",
+ "ec2:AuthorizeSecurityGroupIngress",
+ "ec2:CreateSecurityGroup",
+ "ec2:CreateVpcEndpoint",
+ "ec2:CreateNetworkInterface",
+ "kms:CreateGrant",
+ "kms:DescribeKey",
+ "kms:ListAliases"
],
"timeoutInMinutes": 180
},
"delete": {
"permissions": [
+ "airflow:GetEnvironment",
"airflow:DeleteEnvironment"
]
},
@@ -389,9 +417,23 @@
},
"update": {
"permissions": [
+ "airflow:GetEnvironment",
"airflow:UpdateEnvironment",
"airflow:TagResource",
- "airflow:UntagResource"
+ "airflow:UntagResource",
+ "iam:PassRole",
+ "iam:ListRoles",
+ "iam:AttachRolePolicy",
+ "s3:GetBucketLocation",
+ "s3:ListBucket",
+ "s3:ListBucketVersions",
+ "s3:GetEncryptionConfiguration",
+ "ec2:DescribeSecurityGroups",
+ "ec2:DescribeSubnets",
+ "ec2:DescribeVpcs",
+ "ec2:DescribeRouteTables",
+ "kms:DescribeKey",
+ "kms:ListAliases"
],
"timeoutInMinutes": 480
}
@@ -509,6 +551,16 @@
"Name"
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-mwaa.git",
- "taggable": true,
+ "tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "airflow:UntagResource",
+ "airflow:TagResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
"typeName": "AWS::MWAA::Environment"
}
diff --git a/schema/aws-neptune-dbcluster.json b/schema/aws-neptune-dbcluster.json
index 3acd927..1750055 100644
--- a/schema/aws-neptune-dbcluster.json
+++ b/schema/aws-neptune-dbcluster.json
@@ -236,7 +236,7 @@
"type": "boolean"
},
"KmsKeyId": {
- "description": "If `StorageEncrypted` is true, the Amazon KMS key identifier for the encrypted DB cluster.",
+ "description": "The Amazon Resource Name (ARN) of the AWS KMS key that is used to encrypt the database instances in the DB cluster, such as arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef. If you enable the StorageEncrypted property but don't specify this property, the default KMS key is used. If you specify this property, you must set the StorageEncrypted property to true.",
"type": "string"
},
"Port": {
@@ -277,7 +277,7 @@
"type": "string"
},
"StorageEncrypted": {
- "description": "Indicates whether the DB cluster is encrypted.\n\nIf you specify the `DBClusterIdentifier`, `DBSnapshotIdentifier`, or `SourceDBInstanceIdentifier` property, don't specify this property. The value is inherited from the cluster, snapshot, or source DB instance. If you specify the KmsKeyId property, you must enable encryption.\n\nIf you specify the KmsKeyId, you must enable encryption by setting StorageEncrypted to true.",
+ "description": "Indicates whether the DB cluster is encrypted.\n\nIf you specify the KmsKeyId property, then you must enable encryption and set this property to true.\n\nIf you enable the StorageEncrypted property but don't specify KmsKeyId property, then the default KMS key is used. If you specify KmsKeyId property, then that KMS Key is used to encrypt the database instances in the DB cluster.\n\nIf you specify the SourceDBClusterIdentifier property and don't specify this property or disable it. The value is inherited from the source DB cluster, and if the DB cluster is encrypted, the KmsKeyId property from the source cluster is used.\n\nIf you specify the DBSnapshotIdentifier and don't specify this property or disable it. The value is inherited from the snapshot, and the specified KmsKeyId property from the snapshot is used.",
"type": "boolean"
},
"Tags": {
@@ -320,6 +320,11 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-neptune",
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "rds:AddTagsToResource",
+ "rds:ListTagsForResource",
+ "rds:RemoveTagsFromResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-neptune-dbclusterparametergroup.json b/schema/aws-neptune-dbclusterparametergroup.json
index 93eb530..74dcc78 100644
--- a/schema/aws-neptune-dbclusterparametergroup.json
+++ b/schema/aws-neptune-dbclusterparametergroup.json
@@ -1,63 +1,129 @@
{
"additionalProperties": false,
"createOnlyProperties": [
- "/properties/Family",
+ "/properties/Name",
"/properties/Description",
- "/properties/Name"
+ "/properties/Family"
],
"definitions": {
"Tag": {
"additionalProperties": false,
+ "description": "A key-value pair to associate with a resource.",
"properties": {
"Key": {
+ "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.",
"type": "string"
},
"Value": {
+ "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.",
"type": "string"
}
},
"required": [
- "Value",
- "Key"
+ "Key",
+ "Value"
],
"type": "object"
}
},
- "description": "Resource Type definition for AWS::Neptune::DBClusterParameterGroup",
+ "description": "The AWS::Neptune::DBClusterParameterGroup resource creates a new Amazon Neptune DB cluster parameter group",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "rds:AddTagsToResource",
+ "rds:CreateDBClusterParameterGroup",
+ "rds:DescribeDBClusterParameterGroups",
+ "rds:DescribeDBClusterParameters",
+ "rds:DescribeEngineDefaultClusterParameters",
+ "rds:ListTagsForResource",
+ "rds:ModifyDBClusterParameterGroup",
+ "iam:CreateServiceLinkedRole"
+ ],
+ "timeoutInMinutes": 180
+ },
+ "delete": {
+ "permissions": [
+ "rds:DeleteDBClusterParameterGroup",
+ "rds:ListTagsForResource",
+ "rds:RemoveTagsFromResource"
+ ]
+ },
+ "list": {
+ "permissions": [
+ "rds:DescribeDBClusterParameterGroups",
+ "rds:ListTagsForResource"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "rds:DescribeDBClusterParameterGroups",
+ "rds:ListTagsForResource",
+ "rds:DescribeDBClusterParameters"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "rds:AddTagsToResource",
+ "rds:DescribeDBClusterParameterGroups",
+ "rds:DescribeDBClusterParameters",
+ "rds:DescribeDBClusters",
+ "rds:DescribeEngineDefaultClusterParameters",
+ "rds:ListTagsForResource",
+ "rds:ModifyDBClusterParameterGroup",
+ "rds:RemoveTagsFromResource",
+ "rds:ResetDBClusterParameterGroup"
+ ],
+ "timeoutInMinutes": 180
+ }
+ },
"primaryIdentifier": [
- "/properties/Id"
+ "/properties/Name"
],
"properties": {
"Description": {
+ "description": "Provides the customer-specified description for this DB cluster parameter group.",
"type": "string"
},
"Family": {
- "type": "string"
- },
- "Id": {
+ "description": "Must be neptune1 for engine versions prior to 1.2.0.0, or neptune1.2 for engine version 1.2.0.0 and higher.",
"type": "string"
},
"Name": {
+ "description": "Provides the name of the DB cluster parameter group.",
"type": "string"
},
"Parameters": {
+ "description": "An array of parameters to be modified. A maximum of 20 parameters can be modified in a single request.",
"type": "object"
},
"Tags": {
+ "description": "The list of tags for the cluster parameter group.",
"items": {
"$ref": "#/definitions/Tag"
},
- "type": "array",
- "uniqueItems": false
+ "type": "array"
}
},
- "readOnlyProperties": [
- "/properties/Id"
- ],
+ "propertyTransform": {
+ "/properties/Name": "$lowercase(Name)"
+ },
"required": [
- "Family",
"Description",
+ "Family",
"Parameters"
],
+ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-neptune",
+ "tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "rds:AddTagsToResource",
+ "rds:ListTagsForResource",
+ "rds:RemoveTagsFromResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
"typeName": "AWS::Neptune::DBClusterParameterGroup"
}
diff --git a/schema/aws-neptune-dbparametergroup.json b/schema/aws-neptune-dbparametergroup.json
index 11f30ea..a202295 100644
--- a/schema/aws-neptune-dbparametergroup.json
+++ b/schema/aws-neptune-dbparametergroup.json
@@ -1,49 +1,101 @@
{
"additionalProperties": false,
"createOnlyProperties": [
- "/properties/Family",
+ "/properties/Name",
"/properties/Description",
- "/properties/Name"
+ "/properties/Family"
],
"definitions": {
"Tag": {
"additionalProperties": false,
+ "description": "A key-value pair to associate with a resource.",
"properties": {
"Key": {
+ "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.",
"type": "string"
},
"Value": {
+ "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.",
"type": "string"
}
},
"required": [
- "Value",
- "Key"
+ "Key",
+ "Value"
],
"type": "object"
}
},
- "description": "Resource Type definition for AWS::Neptune::DBParameterGroup",
+ "description": "AWS::Neptune::DBParameterGroup creates a new DB parameter group. This type can be declared in a template and referenced in the DBParameterGroupName parameter of AWS::Neptune::DBInstance",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "rds:AddTagsToResource",
+ "rds:CreateDBParameterGroup",
+ "rds:DescribeDBParameterGroups",
+ "rds:DescribeDBParameters",
+ "rds:DescribeEngineDefaultParameters",
+ "rds:ModifyDBParameterGroup",
+ "rds:ListTagsForResource",
+ "iam:CreateServiceLinkedRole"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "rds:DeleteDBParameterGroup",
+ "rds:RemoveTagsFromResource"
+ ]
+ },
+ "list": {
+ "permissions": [
+ "rds:DescribeDBParameterGroups",
+ "rds:ListTagsForResource"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "rds:DescribeDBParameterGroups",
+ "rds:ListTagsForResource",
+ "rds:DescribeDBParameters",
+ "rds:DescribeEngineDefaultParameters"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "rds:AddTagsToResource",
+ "rds:DescribeDBParameterGroups",
+ "rds:DescribeDBParameters",
+ "rds:DescribeEngineDefaultParameters",
+ "rds:ListTagsForResource",
+ "rds:ModifyDBParameterGroup",
+ "rds:ResetDBParameterGroup",
+ "rds:RemoveTagsFromResource",
+ "rds:DescribeDBInstances"
+ ]
+ }
+ },
"primaryIdentifier": [
- "/properties/Id"
+ "/properties/Name"
],
"properties": {
"Description": {
+ "description": "Provides the customer-specified description for this DB parameter group.",
"type": "string"
},
"Family": {
- "type": "string"
- },
- "Id": {
+ "description": "Must be `neptune1` for engine versions prior to 1.2.0.0, or `neptune1.2` for engine version `1.2.0.0` and higher.",
"type": "string"
},
"Name": {
+ "description": "Provides the name of the DB parameter group.",
"type": "string"
},
"Parameters": {
+ "description": "The parameters to set for this DB parameter group.\n\nThe parameters are expressed as a JSON object consisting of key-value pairs.\n\nChanges to dynamic parameters are applied immediately. During an update, if you have static parameters (whether they were changed or not), it triggers AWS CloudFormation to reboot the associated DB instance without failover.",
"type": "object"
},
"Tags": {
+ "description": "An optional array of key-value pairs to apply to this DB parameter group.",
"items": {
"$ref": "#/definitions/Tag"
},
@@ -51,13 +103,26 @@
"uniqueItems": false
}
},
- "readOnlyProperties": [
- "/properties/Id"
- ],
+ "propertyTransform": {
+ "/properties/Name": "$lowercase(Name)"
+ },
"required": [
"Family",
"Description",
"Parameters"
],
+ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-neptune",
+ "tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "rds:AddTagsToResource",
+ "rds:ListTagsForResource",
+ "rds:RemoveTagsFromResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
"typeName": "AWS::Neptune::DBParameterGroup"
}
diff --git a/schema/aws-neptune-dbsubnetgroup.json b/schema/aws-neptune-dbsubnetgroup.json
index 3f81a2a..ddaa0ad 100644
--- a/schema/aws-neptune-dbsubnetgroup.json
+++ b/schema/aws-neptune-dbsubnetgroup.json
@@ -6,36 +6,79 @@
"definitions": {
"Tag": {
"additionalProperties": false,
+ "description": "An optional array of key-value pairs to apply to this DB subnet group.",
"properties": {
"Key": {
+ "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ",
"type": "string"
},
"Value": {
+ "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ",
"type": "string"
}
},
"required": [
- "Value",
- "Key"
+ "Key",
+ "Value"
],
"type": "object"
}
},
- "description": "Resource Type definition for AWS::Neptune::DBSubnetGroup",
+ "description": "The AWS::Neptune::DBSubnetGroup type creates an Amazon Neptune DB subnet group. Subnet groups must contain at least two subnets in two different Availability Zones in the same AWS Region.",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "rds:CreateDBSubnetGroup",
+ "rds:DescribeDBSubnetGroups",
+ "rds:ListTagsForResource",
+ "rds:AddTagsToResource",
+ "iam:CreateServiceLinkedRole"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "rds:DeleteDBSubnetGroup",
+ "rds:DescribeDBSubnetGroups",
+ "rds:ListTagsForResource",
+ "rds:RemoveTagsFromResource"
+ ]
+ },
+ "list": {
+ "permissions": [
+ "rds:DescribeDBSubnetGroups",
+ "rds:ListTagsForResource"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "rds:DescribeDBSubnetGroups",
+ "rds:ListTagsForResource"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "rds:ModifyDBSubnetGroup",
+ "rds:DescribeDBSubnetGroups",
+ "rds:AddTagsToResource",
+ "rds:RemoveTagsFromResource",
+ "rds:ListTagsForResource"
+ ]
+ }
+ },
"primaryIdentifier": [
- "/properties/Id"
+ "/properties/DBSubnetGroupName"
],
"properties": {
"DBSubnetGroupDescription": {
+ "description": "The description for the DB subnet group.",
"type": "string"
},
"DBSubnetGroupName": {
- "type": "string"
- },
- "Id": {
+ "description": "The name for the DB subnet group. This value is stored as a lowercase string.\n\nConstraints: Must contain no more than 255 lowercase alphanumeric characters or hyphens. Must not be \"Default\".\n\nExample: mysubnetgroup\n\n",
"type": "string"
},
"SubnetIds": {
+ "description": "The Amazon EC2 subnet IDs for the DB subnet group.",
"items": {
"type": "string"
},
@@ -43,6 +86,7 @@
"uniqueItems": false
},
"Tags": {
+ "description": "An optional array of key-value pairs to apply to this DB subnet group.",
"items": {
"$ref": "#/definitions/Tag"
},
@@ -50,12 +94,25 @@
"uniqueItems": false
}
},
- "readOnlyProperties": [
- "/properties/Id"
- ],
+ "propertyTransform": {
+ "/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)"
+ },
"required": [
"DBSubnetGroupDescription",
"SubnetIds"
],
+ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-neptune",
+ "tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "rds:AddTagsToResource",
+ "rds:ListTagsForResource",
+ "rds:RemoveTagsFromResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
"typeName": "AWS::Neptune::DBSubnetGroup"
}
diff --git a/schema/aws-neptunegraph-privategraphendpoint.json b/schema/aws-neptunegraph-privategraphendpoint.json
index ab50fd9..bbb71ba 100644
--- a/schema/aws-neptunegraph-privategraphendpoint.json
+++ b/schema/aws-neptunegraph-privategraphendpoint.json
@@ -51,7 +51,8 @@
"list": {
"permissions": [
"neptune-graph:GetPrivateGraphEndpoint",
- "neptune-graph:ListPrivateGraphEndpoints"
+ "neptune-graph:ListPrivateGraphEndpoints",
+ "neptune-graph:ListGraphs"
],
"timeoutInMinutes": 2160
},
diff --git a/schema/aws-networkfirewall-firewall.json b/schema/aws-networkfirewall-firewall.json
index 006109d..6dadf45 100644
--- a/schema/aws-networkfirewall-firewall.json
+++ b/schema/aws-networkfirewall-firewall.json
@@ -5,6 +5,14 @@
"/properties/FirewallName"
],
"definitions": {
+ "EnabledAnalysisType": {
+ "description": "An analysis type.",
+ "enum": [
+ "TLS_SNI",
+ "HTTP_HOST"
+ ],
+ "type": "string"
+ },
"EndpointId": {
"description": "An endpoint Id.",
"type": "string"
@@ -107,7 +115,8 @@
"network-firewall:AssociateFirewallPolicy",
"network-firewall:TagResource",
"network-firewall:UntagResource",
- "network-firewall:DescribeFirewall"
+ "network-firewall:DescribeFirewall",
+ "network-firewall:UpdateFirewallAnalysisSettings"
]
}
},
@@ -123,6 +132,14 @@
"pattern": "^.*$",
"type": "string"
},
+ "EnabledAnalysisTypes": {
+ "description": "The types of analysis to enable for the firewall. Can be TLS_SNI, HTTP_HOST, or both.",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/EnabledAnalysisType"
+ },
+ "type": "array"
+ },
"EndpointIds": {
"insertionOrder": false,
"items": {
@@ -191,6 +208,15 @@
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-networkfirewall.git",
"tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "network-firewall:TagResource",
+ "network-firewall:UntagResource",
+ "network-firewall:ListTagsForResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
"taggable": true
},
"typeName": "AWS::NetworkFirewall::Firewall"
diff --git a/schema/aws-networkfirewall-firewallpolicy.json b/schema/aws-networkfirewall-firewallpolicy.json
index 60eec36..1e01ed6 100644
--- a/schema/aws-networkfirewall-firewallpolicy.json
+++ b/schema/aws-networkfirewall-firewallpolicy.json
@@ -188,6 +188,17 @@
"StatefulEngineOptions": {
"additionalProperties": false,
"properties": {
+ "FlowTimeouts": {
+ "additionalProperties": false,
+ "properties": {
+ "TcpIdleTimeoutSeconds": {
+ "maximum": 6000,
+ "minimum": 60,
+ "type": "integer"
+ }
+ },
+ "type": "object"
+ },
"RuleOrder": {
"$ref": "#/definitions/RuleOrder"
},
@@ -363,6 +374,15 @@
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-networkfirewall.git",
"tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "network-firewall:TagResource",
+ "network-firewall:UntagResource",
+ "network-firewall:ListTagsForResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
"taggable": true
},
"typeName": "AWS::NetworkFirewall::FirewallPolicy"
diff --git a/schema/aws-networkfirewall-loggingconfiguration.json b/schema/aws-networkfirewall-loggingconfiguration.json
index 5ca1113..ce89fa2 100644
--- a/schema/aws-networkfirewall-loggingconfiguration.json
+++ b/schema/aws-networkfirewall-loggingconfiguration.json
@@ -32,7 +32,8 @@
"LogType": {
"enum": [
"ALERT",
- "FLOW"
+ "FLOW",
+ "TLS"
],
"type": "string"
}
diff --git a/schema/aws-networkfirewall-rulegroup.json b/schema/aws-networkfirewall-rulegroup.json
index a1372f2..8119d86 100644
--- a/schema/aws-networkfirewall-rulegroup.json
+++ b/schema/aws-networkfirewall-rulegroup.json
@@ -711,6 +711,15 @@
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-networkfirewall.git",
"tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "network-firewall:TagResource",
+ "network-firewall:UntagResource",
+ "network-firewall:ListTagsForResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
"taggable": true
},
"typeName": "AWS::NetworkFirewall::RuleGroup"
diff --git a/schema/aws-networkfirewall-tlsinspectionconfiguration.json b/schema/aws-networkfirewall-tlsinspectionconfiguration.json
index 675287d..2fbd41f 100644
--- a/schema/aws-networkfirewall-tlsinspectionconfiguration.json
+++ b/schema/aws-networkfirewall-tlsinspectionconfiguration.json
@@ -281,6 +281,15 @@
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-networkfirewall.git",
"tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "network-firewall:TagResource",
+ "network-firewall:UntagResource",
+ "network-firewall:ListTagsForResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
"taggable": true
},
"typeName": "AWS::NetworkFirewall::TLSInspectionConfiguration"
diff --git a/schema/aws-networkmanager-connectattachment.json b/schema/aws-networkmanager-connectattachment.json
index ec7c61e..f054dd5 100644
--- a/schema/aws-networkmanager-connectattachment.json
+++ b/schema/aws-networkmanager-connectattachment.json
@@ -18,6 +18,30 @@
},
"type": "object"
},
+ "ProposedNetworkFunctionGroupChange": {
+ "additionalProperties": false,
+ "description": "The attachment to move from one network function group to another.",
+ "properties": {
+ "AttachmentPolicyRuleNumber": {
+ "description": "The rule number in the policy document that applies to this change.",
+ "type": "integer"
+ },
+ "NetworkFunctionGroupName": {
+ "description": "The name of the network function group to change.",
+ "type": "string"
+ },
+ "Tags": {
+ "description": "The key-value tags that changed for the network function group.",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/Tag"
+ },
+ "type": "array",
+ "uniqueItems": true
+ }
+ },
+ "type": "object"
+ },
"ProposedSegmentChange": {
"additionalProperties": false,
"description": "The attachment to move from one segment to another.",
@@ -131,6 +155,10 @@
"description": "Edge location of the attachment.",
"type": "string"
},
+ "NetworkFunctionGroupName": {
+ "description": "The name of the network function group attachment.",
+ "type": "string"
+ },
"Options": {
"$ref": "#/definitions/ConnectAttachmentOptions",
"description": "Protocol options for connect attachment"
@@ -139,6 +167,10 @@
"description": "The ID of the attachment account owner.",
"type": "string"
},
+ "ProposedNetworkFunctionGroupChange": {
+ "$ref": "#/definitions/ProposedNetworkFunctionGroupChange",
+ "description": "The attachment to move from one network function group to another."
+ },
"ProposedSegmentChange": {
"$ref": "#/definitions/ProposedSegmentChange",
"description": "The attachment to move from one segment to another."
@@ -194,6 +226,11 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-networkmanager/aws-networkmanager-connectattachment",
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "networkmanager:TagResource",
+ "networkmanager:UntagResource",
+ "networkmanager:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-networkmanager-connectpeer.json b/schema/aws-networkmanager-connectpeer.json
index 8dcf775..6db8956 100644
--- a/schema/aws-networkmanager-connectpeer.json
+++ b/schema/aws-networkmanager-connectpeer.json
@@ -223,6 +223,11 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-networkmanager/aws-networkmanager-connectpeer",
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "networkmanager:TagResource",
+ "networkmanager:UntagResource",
+ "networkmanager:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-networkmanager-corenetwork.json b/schema/aws-networkmanager-corenetwork.json
index f39da5c..faddbcd 100644
--- a/schema/aws-networkmanager-corenetwork.json
+++ b/schema/aws-networkmanager-corenetwork.json
@@ -34,6 +34,46 @@
},
"type": "object"
},
+ "CoreNetworkNetworkFunctionGroup": {
+ "additionalProperties": false,
+ "properties": {
+ "EdgeLocations": {
+ "insertionOrder": false,
+ "items": {
+ "description": "The Regions where the edges are located.",
+ "type": "string"
+ },
+ "type": "array"
+ },
+ "Name": {
+ "description": "Name of network function group",
+ "type": "string"
+ },
+ "Segments": {
+ "additionalProperties": false,
+ "properties": {
+ "SendTo": {
+ "insertionOrder": false,
+ "items": {
+ "description": "The send-to segments.",
+ "type": "string"
+ },
+ "type": "array"
+ },
+ "SendVia": {
+ "insertionOrder": false,
+ "items": {
+ "description": "The send-via segments.",
+ "type": "string"
+ },
+ "type": "array"
+ }
+ },
+ "type": "object"
+ }
+ },
+ "type": "object"
+ },
"CoreNetworkSegment": {
"additionalProperties": false,
"properties": {
@@ -160,6 +200,14 @@
"description": "The ID of the global network that your core network is a part of.",
"type": "string"
},
+ "NetworkFunctionGroups": {
+ "description": "The network function groups within a core network.",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/CoreNetworkNetworkFunctionGroup"
+ },
+ "type": "array"
+ },
"OwnerAccount": {
"description": "Owner of the core network",
"type": "string"
@@ -197,6 +245,7 @@
"/properties/CreatedAt",
"/properties/State",
"/properties/Segments",
+ "/properties/NetworkFunctionGroups",
"/properties/Edges"
],
"required": [
@@ -205,6 +254,11 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-networkmanager/aws-networkmanager-corenetwork",
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "networkmanager:TagResource",
+ "networkmanager:UntagResource",
+ "networkmanager:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-networkmanager-device.json b/schema/aws-networkmanager-device.json
index 1387743..b86f615 100644
--- a/schema/aws-networkmanager-device.json
+++ b/schema/aws-networkmanager-device.json
@@ -187,6 +187,11 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-networkmanager.git",
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "networkmanager:TagResource",
+ "networkmanager:UntagResource",
+ "networkmanager:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-networkmanager-directconnectgatewayattachment.json b/schema/aws-networkmanager-directconnectgatewayattachment.json
new file mode 100644
index 0000000..96cf1fa
--- /dev/null
+++ b/schema/aws-networkmanager-directconnectgatewayattachment.json
@@ -0,0 +1,239 @@
+{
+ "additionalIdentifiers": [
+ [
+ "/properties/CoreNetworkId",
+ "/properties/DirectConnectGatewayArn"
+ ]
+ ],
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/CoreNetworkId",
+ "/properties/DirectConnectGatewayArn"
+ ],
+ "definitions": {
+ "ProposedNetworkFunctionGroupChange": {
+ "additionalProperties": false,
+ "description": "The attachment to move from one network function group to another.",
+ "properties": {
+ "AttachmentPolicyRuleNumber": {
+ "description": "The rule number in the policy document that applies to this change.",
+ "type": "integer"
+ },
+ "NetworkFunctionGroupName": {
+ "description": "The name of the network function group to change.",
+ "type": "string"
+ },
+ "Tags": {
+ "description": "The key-value tags that changed for the network function group.",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/Tag"
+ },
+ "type": "array",
+ "uniqueItems": true
+ }
+ },
+ "type": "object"
+ },
+ "ProposedSegmentChange": {
+ "additionalProperties": false,
+ "description": "The attachment to move from one segment to another.",
+ "properties": {
+ "AttachmentPolicyRuleNumber": {
+ "description": "The rule number in the policy document that applies to this change.",
+ "type": "integer"
+ },
+ "SegmentName": {
+ "description": "The name of the segment to change.",
+ "type": "string"
+ },
+ "Tags": {
+ "description": "The key-value tags that changed for the segment.",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/Tag"
+ },
+ "type": "array",
+ "uniqueItems": true
+ }
+ },
+ "type": "object"
+ },
+ "Tag": {
+ "additionalProperties": false,
+ "description": "A key-value pair to associate with a resource.",
+ "properties": {
+ "Key": {
+ "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.",
+ "type": "string"
+ },
+ "Value": {
+ "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.",
+ "type": "string"
+ }
+ },
+ "required": [
+ "Key",
+ "Value"
+ ],
+ "type": "object"
+ }
+ },
+ "description": "AWS::NetworkManager::DirectConnectGatewayAttachment Resource Type",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "networkmanager:CreateDirectConnectGatewayAttachment",
+ "networkmanager:GetDirectConnectGatewayAttachment",
+ "networkmanager:TagResource",
+ "ec2:DescribeRegions",
+ "iam:CreateServiceLinkedRole"
+ ],
+ "timeoutInMinutes": 60
+ },
+ "delete": {
+ "permissions": [
+ "networkmanager:DeleteAttachment",
+ "networkmanager:GetDirectConnectGatewayAttachment",
+ "networkmanager:UntagResource",
+ "ec2:DescribeRegions"
+ ],
+ "timeoutInMinutes": 60
+ },
+ "list": {
+ "permissions": [
+ "networkmanager:ListAttachments"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "networkmanager:GetDirectConnectGatewayAttachment"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "networkmanager:UpdateDirectConnectGatewayAttachment",
+ "networkmanager:GetDirectConnectGatewayAttachment",
+ "networkmanager:ListTagsForResource",
+ "networkmanager:TagResource",
+ "networkmanager:UntagResource",
+ "ec2:DescribeRegions"
+ ],
+ "timeoutInMinutes": 60
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/AttachmentId"
+ ],
+ "properties": {
+ "AttachmentId": {
+ "description": "Id of the attachment.",
+ "type": "string"
+ },
+ "AttachmentPolicyRuleNumber": {
+ "description": "The policy rule number associated with the attachment.",
+ "type": "integer"
+ },
+ "AttachmentType": {
+ "description": "Attachment type.",
+ "type": "string"
+ },
+ "CoreNetworkArn": {
+ "description": "The ARN of a core network for the Direct Connect Gateway attachment.",
+ "type": "string"
+ },
+ "CoreNetworkId": {
+ "description": "The ID of a core network for the Direct Connect Gateway attachment.",
+ "type": "string"
+ },
+ "CreatedAt": {
+ "description": "Creation time of the attachment.",
+ "type": "string"
+ },
+ "DirectConnectGatewayArn": {
+ "description": "The ARN of the Direct Connect Gateway.",
+ "type": "string"
+ },
+ "EdgeLocations": {
+ "description": "The Regions where the edges are located.",
+ "insertionOrder": false,
+ "items": {
+ "type": "string"
+ },
+ "type": "array"
+ },
+ "NetworkFunctionGroupName": {
+ "description": "The name of the network function group attachment.",
+ "type": "string"
+ },
+ "OwnerAccountId": {
+ "description": "Owner account of the attachment.",
+ "type": "string"
+ },
+ "ProposedNetworkFunctionGroupChange": {
+ "$ref": "#/definitions/ProposedNetworkFunctionGroupChange",
+ "description": "The attachment to move from one network function group to another."
+ },
+ "ProposedSegmentChange": {
+ "$ref": "#/definitions/ProposedSegmentChange",
+ "description": "The attachment to move from one segment to another."
+ },
+ "ResourceArn": {
+ "description": "The ARN of the Resource.",
+ "type": "string"
+ },
+ "SegmentName": {
+ "description": "The name of the segment attachment..",
+ "type": "string"
+ },
+ "State": {
+ "description": "State of the attachment.",
+ "type": "string"
+ },
+ "Tags": {
+ "description": "Tags for the attachment.",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/Tag"
+ },
+ "type": "array",
+ "uniqueItems": true
+ },
+ "UpdatedAt": {
+ "description": "Last update time of the attachment.",
+ "type": "string"
+ }
+ },
+ "readOnlyProperties": [
+ "/properties/CoreNetworkArn",
+ "/properties/CreatedAt",
+ "/properties/UpdatedAt",
+ "/properties/AttachmentType",
+ "/properties/State",
+ "/properties/AttachmentId",
+ "/properties/OwnerAccountId",
+ "/properties/AttachmentPolicyRuleNumber",
+ "/properties/SegmentName",
+ "/properties/NetworkFunctionGroupName",
+ "/properties/ResourceArn"
+ ],
+ "required": [
+ "CoreNetworkId",
+ "DirectConnectGatewayArn",
+ "EdgeLocations"
+ ],
+ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-networkmanager/aws-networkmanager-directconnectgatewayattachment",
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "networkmanager:TagResource",
+ "networkmanager:UntagResource",
+ "networkmanager:ListTagsForResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
+ "typeName": "AWS::NetworkManager::DirectConnectGatewayAttachment"
+}
diff --git a/schema/aws-networkmanager-globalnetwork.json b/schema/aws-networkmanager-globalnetwork.json
index 437ab0b..bb325f1 100644
--- a/schema/aws-networkmanager-globalnetwork.json
+++ b/schema/aws-networkmanager-globalnetwork.json
@@ -103,6 +103,11 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-networkmanager.git",
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "networkmanager:TagResource",
+ "networkmanager:UntagResource",
+ "networkmanager:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-networkmanager-link.json b/schema/aws-networkmanager-link.json
index 2d60e13..378ee03 100644
--- a/schema/aws-networkmanager-link.json
+++ b/schema/aws-networkmanager-link.json
@@ -159,6 +159,11 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-networkmanager.git",
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "networkmanager:TagResource",
+ "networkmanager:UntagResource",
+ "networkmanager:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-networkmanager-site.json b/schema/aws-networkmanager-site.json
index e0af347..0a2e128 100644
--- a/schema/aws-networkmanager-site.json
+++ b/schema/aws-networkmanager-site.json
@@ -148,6 +148,11 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-networkmanager.git",
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "networkmanager:TagResource",
+ "networkmanager:UntagResource",
+ "networkmanager:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-networkmanager-sitetositevpnattachment.json b/schema/aws-networkmanager-sitetositevpnattachment.json
index fa48636..8313c46 100644
--- a/schema/aws-networkmanager-sitetositevpnattachment.json
+++ b/schema/aws-networkmanager-sitetositevpnattachment.json
@@ -11,6 +11,30 @@
"/properties/VpnConnectionArn"
],
"definitions": {
+ "ProposedNetworkFunctionGroupChange": {
+ "additionalProperties": false,
+ "description": "The attachment to move from one network function group to another.",
+ "properties": {
+ "AttachmentPolicyRuleNumber": {
+ "description": "The rule number in the policy document that applies to this change.",
+ "type": "integer"
+ },
+ "NetworkFunctionGroupName": {
+ "description": "The name of the network function group to change.",
+ "type": "string"
+ },
+ "Tags": {
+ "description": "The key-value tags that changed for the network function group.",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/Tag"
+ },
+ "type": "array",
+ "uniqueItems": true
+ }
+ },
+ "type": "object"
+ },
"ProposedSegmentChange": {
"additionalProperties": false,
"description": "The attachment to move from one segment to another.",
@@ -64,7 +88,7 @@
"ec2:DescribeRegions",
"networkmanager:TagResource"
],
- "timeoutInMinutes": 40
+ "timeoutInMinutes": 120
},
"delete": {
"permissions": [
@@ -126,10 +150,18 @@
"description": "The Region where the edge is located.",
"type": "string"
},
+ "NetworkFunctionGroupName": {
+ "description": "The name of the network function group attachment.",
+ "type": "string"
+ },
"OwnerAccountId": {
"description": "Owner account of the attachment.",
"type": "string"
},
+ "ProposedNetworkFunctionGroupChange": {
+ "$ref": "#/definitions/ProposedNetworkFunctionGroupChange",
+ "description": "The attachment to move from one network function group to another."
+ },
"ProposedSegmentChange": {
"$ref": "#/definitions/ProposedSegmentChange",
"description": "The attachment to move from one segment to another."
@@ -184,6 +216,11 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-networkmanager/aws-networkmanager-sitetositevpnattachment",
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "networkmanager:TagResource",
+ "networkmanager:UntagResource",
+ "networkmanager:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-networkmanager-transitgatewaypeering.json b/schema/aws-networkmanager-transitgatewaypeering.json
index 4022f42..009256c 100644
--- a/schema/aws-networkmanager-transitgatewaypeering.json
+++ b/schema/aws-networkmanager-transitgatewaypeering.json
@@ -58,8 +58,7 @@
},
"read": {
"permissions": [
- "networkmanager:GetTransitGatewayPeering",
- "networkmanager:TagResource"
+ "networkmanager:GetTransitGatewayPeering"
]
},
"update": {
@@ -148,6 +147,11 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-networkmanager/aws-networkmanager-transitgatewaypeering",
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "networkmanager:TagResource",
+ "networkmanager:UntagResource",
+ "networkmanager:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-networkmanager-transitgatewayroutetableattachment.json b/schema/aws-networkmanager-transitgatewayroutetableattachment.json
index eb2ed01..914cfbb 100644
--- a/schema/aws-networkmanager-transitgatewayroutetableattachment.json
+++ b/schema/aws-networkmanager-transitgatewayroutetableattachment.json
@@ -5,6 +5,30 @@
"/properties/TransitGatewayRouteTableArn"
],
"definitions": {
+ "ProposedNetworkFunctionGroupChange": {
+ "additionalProperties": false,
+ "description": "The attachment to move from one network function group to another.",
+ "properties": {
+ "AttachmentPolicyRuleNumber": {
+ "description": "The rule number in the policy document that applies to this change.",
+ "type": "integer"
+ },
+ "NetworkFunctionGroupName": {
+ "description": "The name of the network function group to change.",
+ "type": "string"
+ },
+ "Tags": {
+ "description": "The key-value tags that changed for the network function group.",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/Tag"
+ },
+ "type": "array",
+ "uniqueItems": true
+ }
+ },
+ "type": "object"
+ },
"ProposedSegmentChange": {
"additionalProperties": false,
"description": "The attachment to move from one segment to another.",
@@ -120,6 +144,10 @@
"description": "The Region where the edge is located.",
"type": "string"
},
+ "NetworkFunctionGroupName": {
+ "description": "The name of the network function group attachment.",
+ "type": "string"
+ },
"OwnerAccountId": {
"description": "Owner account of the attachment.",
"type": "string"
@@ -128,6 +156,10 @@
"description": "The Id of peering between transit gateway and core network.",
"type": "string"
},
+ "ProposedNetworkFunctionGroupChange": {
+ "$ref": "#/definitions/ProposedNetworkFunctionGroupChange",
+ "description": "The attachment to move from one network function group to another."
+ },
"ProposedSegmentChange": {
"$ref": "#/definitions/ProposedSegmentChange",
"description": "The attachment to move from one segment to another."
@@ -183,6 +215,11 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-networkmanager/aws-networkmanager-transitgatewayroutetableattachment",
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "networkmanager:TagResource",
+ "networkmanager:UntagResource",
+ "networkmanager:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-networkmanager-vpcattachment.json b/schema/aws-networkmanager-vpcattachment.json
index 8ca0cdd..441dadf 100644
--- a/schema/aws-networkmanager-vpcattachment.json
+++ b/schema/aws-networkmanager-vpcattachment.json
@@ -11,6 +11,30 @@
"/properties/VpcArn"
],
"definitions": {
+ "ProposedNetworkFunctionGroupChange": {
+ "additionalProperties": false,
+ "description": "The attachment to move from one network function group to another.",
+ "properties": {
+ "AttachmentPolicyRuleNumber": {
+ "description": "The rule number in the policy document that applies to this change.",
+ "type": "integer"
+ },
+ "NetworkFunctionGroupName": {
+ "description": "The name of the network function group to change.",
+ "type": "string"
+ },
+ "Tags": {
+ "description": "The key-value tags that changed for the network function group.",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/Tag"
+ },
+ "type": "array",
+ "uniqueItems": true
+ }
+ },
+ "type": "object"
+ },
"ProposedSegmentChange": {
"additionalProperties": false,
"description": "The attachment to move from one segment to another.",
@@ -147,6 +171,10 @@
"description": "The Region where the edge is located.",
"type": "string"
},
+ "NetworkFunctionGroupName": {
+ "description": "The name of the network function group attachment.",
+ "type": "string"
+ },
"Options": {
"$ref": "#/definitions/VpcOptions",
"description": "Vpc options of the attachment."
@@ -155,6 +183,10 @@
"description": "Owner account of the attachment.",
"type": "string"
},
+ "ProposedNetworkFunctionGroupChange": {
+ "$ref": "#/definitions/ProposedNetworkFunctionGroupChange",
+ "description": "The attachment to move from one network function group to another."
+ },
"ProposedSegmentChange": {
"$ref": "#/definitions/ProposedSegmentChange",
"description": "The attachment to move from one segment to another."
@@ -208,6 +240,7 @@
"/properties/EdgeLocation",
"/properties/AttachmentPolicyRuleNumber",
"/properties/SegmentName",
+ "/properties/NetworkFunctionGroupName",
"/properties/ResourceArn"
],
"required": [
@@ -218,6 +251,11 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-networkmanager/aws-networkmanager-vpcattachment",
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "networkmanager:TagResource",
+ "networkmanager:UntagResource",
+ "networkmanager:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-nimblestudio-launchprofile.json b/schema/aws-nimblestudio-launchprofile.json
deleted file mode 100644
index 6fbc933..0000000
--- a/schema/aws-nimblestudio-launchprofile.json
+++ /dev/null
@@ -1,347 +0,0 @@
-{
- "additionalProperties": false,
- "createOnlyProperties": [
- "/properties/Ec2SubnetIds",
- "/properties/StudioId",
- "/properties/Tags"
- ],
- "definitions": {
- "AutomaticTerminationMode": {
- "enum": [
- "DEACTIVATED",
- "ACTIVATED"
- ],
- "type": "string"
- },
- "SessionBackupMode": {
- "enum": [
- "AUTOMATIC",
- "DEACTIVATED"
- ],
- "type": "string"
- },
- "SessionPersistenceMode": {
- "enum": [
- "DEACTIVATED",
- "ACTIVATED"
- ],
- "type": "string"
- },
- "StreamConfiguration": {
- "additionalProperties": false,
- "description": "A configuration for a streaming session.
",
- "properties": {
- "AutomaticTerminationMode": {
- "$ref": "#/definitions/AutomaticTerminationMode"
- },
- "ClipboardMode": {
- "$ref": "#/definitions/StreamingClipboardMode"
- },
- "Ec2InstanceTypes": {
- "description": "The EC2 instance types that users can select from when launching a streaming session\n with this launch profile.
",
- "items": {
- "$ref": "#/definitions/StreamingInstanceType"
- },
- "maxItems": 30,
- "minItems": 1,
- "type": "array"
- },
- "MaxSessionLengthInMinutes": {
- "default": 690,
- "description": "The length of time, in minutes, that a streaming session can be active before it is\n stopped or terminated. After this point, Nimble Studio automatically terminates or\n stops the session. The default length of time is 690 minutes, and the maximum length of\n time is 30 days.
",
- "maximum": 43200,
- "minimum": 1,
- "type": "number"
- },
- "MaxStoppedSessionLengthInMinutes": {
- "default": 0,
- "description": "Integer that determines if you can start and stop your sessions and how long a session\n can stay in the STOPPED state. The default value is 0. The maximum value is\n 5760.
\n This field is allowed only when sessionPersistenceMode is\n ACTIVATED and automaticTerminationMode is\n ACTIVATED.
\n If the value is set to 0, your sessions can\u2019t be STOPPED. If you then\n call StopStreamingSession, the session fails. If the time that a session\n stays in the READY state exceeds the maxSessionLengthInMinutes\n value, the session will automatically be terminated (instead of\n STOPPED).
\n If the value is set to a positive number, the session can be stopped. You can call\n StopStreamingSession to stop sessions in the READY state.\n If the time that a session stays in the READY state exceeds the\n maxSessionLengthInMinutes value, the session will automatically be\n stopped (instead of terminated).
",
- "maximum": 5760,
- "minimum": 0,
- "type": "number"
- },
- "SessionBackup": {
- "$ref": "#/definitions/StreamConfigurationSessionBackup"
- },
- "SessionPersistenceMode": {
- "$ref": "#/definitions/SessionPersistenceMode"
- },
- "SessionStorage": {
- "$ref": "#/definitions/StreamConfigurationSessionStorage"
- },
- "StreamingImageIds": {
- "description": "The streaming images that users can select from when launching a streaming session\n with this launch profile.
",
- "items": {
- "maxLength": 22,
- "minLength": 0,
- "pattern": "^[a-zA-Z0-9-_]*$",
- "type": "string"
- },
- "maxItems": 20,
- "minItems": 1,
- "type": "array"
- },
- "VolumeConfiguration": {
- "$ref": "#/definitions/VolumeConfiguration"
- }
- },
- "required": [
- "ClipboardMode",
- "Ec2InstanceTypes",
- "StreamingImageIds"
- ],
- "type": "object"
- },
- "StreamConfigurationSessionBackup": {
- "additionalProperties": false,
- "description": "Configures how streaming sessions are backed up when launched from this launch\n profile.
",
- "properties": {
- "MaxBackupsToRetain": {
- "default": 0,
- "description": "The maximum number of backups that each streaming session created from this launch\n profile can have.
",
- "maximum": 10,
- "minimum": 0,
- "type": "number"
- },
- "Mode": {
- "$ref": "#/definitions/SessionBackupMode"
- }
- },
- "type": "object"
- },
- "StreamConfigurationSessionStorage": {
- "additionalProperties": false,
- "description": "The configuration for a streaming session\u2019s upload storage.
",
- "properties": {
- "Mode": {
- "description": "Allows artists to upload files to their workstations. The only valid option is\n UPLOAD.
",
- "items": {
- "$ref": "#/definitions/StreamingSessionStorageMode"
- },
- "minItems": 1,
- "type": "array"
- },
- "Root": {
- "$ref": "#/definitions/StreamingSessionStorageRoot"
- }
- },
- "required": [
- "Mode"
- ],
- "type": "object"
- },
- "StreamingClipboardMode": {
- "enum": [
- "ENABLED",
- "DISABLED"
- ],
- "type": "string"
- },
- "StreamingInstanceType": {
- "enum": [
- "g4dn.xlarge",
- "g4dn.2xlarge",
- "g4dn.4xlarge",
- "g4dn.8xlarge",
- "g4dn.12xlarge",
- "g4dn.16xlarge",
- "g3.4xlarge",
- "g3s.xlarge",
- "g5.xlarge",
- "g5.2xlarge",
- "g5.4xlarge",
- "g5.8xlarge",
- "g5.16xlarge"
- ],
- "type": "string"
- },
- "StreamingSessionStorageMode": {
- "enum": [
- "UPLOAD"
- ],
- "type": "string"
- },
- "StreamingSessionStorageRoot": {
- "additionalProperties": false,
- "description": "The upload storage root location (folder) on streaming workstations where files are\n uploaded.
",
- "properties": {
- "Linux": {
- "description": "The folder path in Linux workstations where files are uploaded.
",
- "maxLength": 128,
- "minLength": 1,
- "pattern": "^(\\$HOME|/)[/]?([A-Za-z0-9-_]+/)*([A-Za-z0-9_-]+)$",
- "type": "string"
- },
- "Windows": {
- "description": "The folder path in Windows workstations where files are uploaded.
",
- "maxLength": 128,
- "minLength": 1,
- "pattern": "^((\\%HOMEPATH\\%)|[a-zA-Z]:)[\\\\/](?:[a-zA-Z0-9_-]+[\\\\/])*[a-zA-Z0-9_-]+$",
- "type": "string"
- }
- },
- "type": "object"
- },
- "Tags": {
- "additionalProperties": false,
- "patternProperties": {
- ".+": {
- "type": "string"
- }
- },
- "type": "object"
- },
- "VolumeConfiguration": {
- "additionalProperties": false,
- "description": "Custom volume configuration for the root volumes that are attached to streaming\n sessions.
\n This parameter is only allowed when sessionPersistenceMode is\n ACTIVATED.
",
- "properties": {
- "Iops": {
- "default": 3000,
- "description": "The number of I/O operations per second for the root volume that is attached to\n streaming session.
",
- "maximum": 16000,
- "minimum": 3000,
- "type": "number"
- },
- "Size": {
- "default": 500,
- "description": "The size of the root volume that is attached to the streaming session. The root volume\n size is measured in GiBs.
",
- "maximum": 16000,
- "minimum": 100,
- "type": "number"
- },
- "Throughput": {
- "default": 125,
- "description": "The throughput to provision for the root volume that is attached to the streaming\n session. The throughput is measured in MiB/s.
",
- "maximum": 1000,
- "minimum": 125,
- "type": "number"
- }
- },
- "type": "object"
- }
- },
- "description": "Represents a launch profile which delegates access to a collection of studio components to studio users",
- "handlers": {
- "create": {
- "permissions": [
- "nimble:CreateLaunchProfile",
- "nimble:GetLaunchProfile",
- "nimble:TagResource",
- "ec2:CreateNetworkInterface",
- "ec2:CreateNetworkInterfacePermission",
- "ec2:RunInstances",
- "ec2:DescribeSubnets"
- ]
- },
- "delete": {
- "permissions": [
- "nimble:DeleteLaunchProfile",
- "nimble:GetLaunchProfile",
- "nimble:UntagResource"
- ]
- },
- "list": {
- "handlerSchema": {
- "properties": {
- "StudioId": {
- "$ref": "resource-schema.json#/properties/StudioId"
- }
- },
- "required": [
- "StudioId"
- ]
- },
- "permissions": [
- "nimble:ListLaunchProfiles"
- ]
- },
- "read": {
- "permissions": [
- "nimble:GetLaunchProfile"
- ]
- },
- "update": {
- "permissions": [
- "nimble:UpdateLaunchProfile",
- "nimble:GetLaunchProfile",
- "ec2:CreateNetworkInterface",
- "ec2:CreateNetworkInterfacePermission",
- "ec2:DescribeSubnets",
- "ec2:RunInstances"
- ]
- }
- },
- "primaryIdentifier": [
- "/properties/LaunchProfileId",
- "/properties/StudioId"
- ],
- "properties": {
- "Description": {
- "description": "The description.
",
- "maxLength": 256,
- "minLength": 0,
- "type": "string"
- },
- "Ec2SubnetIds": {
- "description": "Specifies the IDs of the EC2 subnets where streaming sessions will be accessible from.\n These subnets must support the specified instance types.
",
- "items": {
- "type": "string"
- },
- "maxItems": 6,
- "minItems": 0,
- "type": "array"
- },
- "LaunchProfileId": {
- "type": "string"
- },
- "LaunchProfileProtocolVersions": {
- "description": "The version number of the protocol that is used by the launch profile. The only valid\n version is \"2021-03-31\".
",
- "items": {
- "description": "The version number of the protocol that is used by the launch profile. The only valid\n version is \"2021-03-31\".
",
- "maxLength": 10,
- "minLength": 0,
- "pattern": "^2021\\-03\\-31$",
- "type": "string"
- },
- "type": "array"
- },
- "Name": {
- "description": "The name for the launch profile.
",
- "maxLength": 64,
- "minLength": 1,
- "type": "string"
- },
- "StreamConfiguration": {
- "$ref": "#/definitions/StreamConfiguration"
- },
- "StudioComponentIds": {
- "description": "Unique identifiers for a collection of studio components that can be used with this\n launch profile.
",
- "items": {
- "type": "string"
- },
- "maxItems": 100,
- "minItems": 1,
- "type": "array"
- },
- "StudioId": {
- "description": "The studio ID.
",
- "type": "string"
- },
- "Tags": {
- "$ref": "#/definitions/Tags"
- }
- },
- "readOnlyProperties": [
- "/properties/LaunchProfileId"
- ],
- "required": [
- "StudioId",
- "Name",
- "StudioComponentIds",
- "Ec2SubnetIds",
- "StreamConfiguration",
- "LaunchProfileProtocolVersions"
- ],
- "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-nimblestudio",
- "typeName": "AWS::NimbleStudio::LaunchProfile"
-}
diff --git a/schema/aws-nimblestudio-streamingimage.json b/schema/aws-nimblestudio-streamingimage.json
deleted file mode 100644
index 9eca367..0000000
--- a/schema/aws-nimblestudio-streamingimage.json
+++ /dev/null
@@ -1,177 +0,0 @@
-{
- "additionalProperties": false,
- "createOnlyProperties": [
- "/properties/Ec2ImageId",
- "/properties/StudioId",
- "/properties/Tags"
- ],
- "definitions": {
- "StreamingImageEncryptionConfiguration": {
- "additionalProperties": false,
- "description": "TODO
",
- "properties": {
- "KeyArn": {
- "description": "The ARN for a KMS key that is used to encrypt studio data.
",
- "minLength": 4,
- "pattern": "^arn:.*",
- "type": "string"
- },
- "KeyType": {
- "$ref": "#/definitions/StreamingImageEncryptionConfigurationKeyType"
- }
- },
- "required": [
- "KeyType"
- ],
- "type": "object"
- },
- "StreamingImageEncryptionConfigurationKeyType": {
- "description": "",
- "enum": [
- "CUSTOMER_MANAGED_KEY"
- ],
- "type": "string"
- },
- "Tags": {
- "additionalProperties": false,
- "description": "",
- "patternProperties": {
- ".+": {
- "type": "string"
- }
- },
- "type": "object"
- }
- },
- "description": "Represents a streaming session machine image that can be used to launch a streaming session",
- "handlers": {
- "create": {
- "permissions": [
- "nimble:CreateStreamingImage",
- "nimble:GetStreamingImage",
- "nimble:TagResource",
- "ec2:DescribeImages",
- "ec2:DescribeSnapshots",
- "ec2:ModifyInstanceAttribute",
- "ec2:ModifySnapshotAttribute",
- "ec2:ModifyImageAttribute",
- "ec2:RegisterImage",
- "kms:Encrypt",
- "kms:Decrypt",
- "kms:CreateGrant",
- "kms:ListGrants",
- "kms:GenerateDataKey"
- ]
- },
- "delete": {
- "permissions": [
- "nimble:DeleteStreamingImage",
- "nimble:GetStreamingImage",
- "nimble:UntagResource",
- "ec2:ModifyInstanceAttribute",
- "ec2:ModifySnapshotAttribute",
- "ec2:DeregisterImage",
- "ec2:DeleteSnapshot",
- "kms:ListGrants",
- "kms:RetireGrant"
- ]
- },
- "list": {
- "handlerSchema": {
- "properties": {
- "StudioId": {
- "$ref": "resource-schema.json#/properties/StudioId"
- }
- },
- "required": [
- "StudioId"
- ]
- },
- "permissions": [
- "nimble:ListStreamingImages"
- ]
- },
- "read": {
- "permissions": [
- "nimble:GetStreamingImage"
- ]
- },
- "update": {
- "permissions": [
- "nimble:UpdateStreamingImage",
- "nimble:GetStreamingImage",
- "kms:Encrypt",
- "kms:Decrypt",
- "kms:CreateGrant",
- "kms:ListGrants",
- "kms:GenerateDataKey"
- ]
- }
- },
- "primaryIdentifier": [
- "/properties/StudioId",
- "/properties/StreamingImageId"
- ],
- "properties": {
- "Description": {
- "description": "A human-readable description of the streaming image.
",
- "maxLength": 256,
- "minLength": 0,
- "type": "string"
- },
- "Ec2ImageId": {
- "description": "The ID of an EC2 machine image with which to create this streaming image.
",
- "pattern": "^ami-[0-9A-z]+$",
- "type": "string"
- },
- "EncryptionConfiguration": {
- "$ref": "#/definitions/StreamingImageEncryptionConfiguration"
- },
- "EulaIds": {
- "description": "The list of EULAs that must be accepted before a Streaming Session can be started using this streaming image.
",
- "items": {
- "type": "string"
- },
- "type": "array"
- },
- "Name": {
- "description": "A friendly name for a streaming image resource.
",
- "maxLength": 64,
- "minLength": 0,
- "type": "string"
- },
- "Owner": {
- "description": "The owner of the streaming image, either the studioId that contains the streaming image, or 'amazon' for images that are provided by Amazon Nimble Studio.
",
- "type": "string"
- },
- "Platform": {
- "description": "The platform of the streaming image, either WINDOWS or LINUX.
",
- "pattern": "^[a-zA-Z]*$",
- "type": "string"
- },
- "StreamingImageId": {
- "type": "string"
- },
- "StudioId": {
- "description": "The studioId.
",
- "type": "string"
- },
- "Tags": {
- "$ref": "#/definitions/Tags"
- }
- },
- "readOnlyProperties": [
- "/properties/EncryptionConfiguration",
- "/properties/EulaIds",
- "/properties/Owner",
- "/properties/Platform",
- "/properties/StreamingImageId"
- ],
- "required": [
- "StudioId",
- "Ec2ImageId",
- "Name"
- ],
- "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-nimblestudio",
- "typeName": "AWS::NimbleStudio::StreamingImage"
-}
diff --git a/schema/aws-nimblestudio-studio.json b/schema/aws-nimblestudio-studio.json
deleted file mode 100644
index a2f0b83..0000000
--- a/schema/aws-nimblestudio-studio.json
+++ /dev/null
@@ -1,167 +0,0 @@
-{
- "additionalProperties": false,
- "createOnlyProperties": [
- "/properties/StudioName",
- "/properties/Tags"
- ],
- "definitions": {
- "StudioEncryptionConfiguration": {
- "additionalProperties": false,
- "description": "Configuration of the encryption method that is used for the studio.
",
- "properties": {
- "KeyArn": {
- "description": "The ARN for a KMS key that is used to encrypt studio data.
",
- "minLength": 4,
- "pattern": "^arn:.*",
- "type": "string"
- },
- "KeyType": {
- "$ref": "#/definitions/StudioEncryptionConfigurationKeyType"
- }
- },
- "required": [
- "KeyType"
- ],
- "type": "object"
- },
- "StudioEncryptionConfigurationKeyType": {
- "description": "The type of KMS key that is used to encrypt studio data.
",
- "enum": [
- "AWS_OWNED_KEY",
- "CUSTOMER_MANAGED_KEY"
- ],
- "type": "string"
- },
- "Tags": {
- "additionalProperties": false,
- "description": "",
- "patternProperties": {
- ".+": {
- "type": "string"
- }
- },
- "type": "object"
- }
- },
- "description": "Represents a studio that contains other Nimble Studio resources",
- "handlers": {
- "create": {
- "permissions": [
- "iam:PassRole",
- "nimble:CreateStudio",
- "nimble:GetStudio",
- "nimble:TagResource",
- "sso:CreateManagedApplicationInstance",
- "kms:Encrypt",
- "kms:Decrypt",
- "kms:CreateGrant",
- "kms:ListGrants",
- "kms:GenerateDataKey"
- ]
- },
- "delete": {
- "permissions": [
- "nimble:DeleteStudio",
- "nimble:GetStudio",
- "nimble:UntagResource",
- "kms:Encrypt",
- "kms:Decrypt",
- "kms:ListGrants",
- "kms:RetireGrant",
- "kms:GenerateDataKey",
- "sso:DeleteManagedApplicationInstance",
- "sso:GetManagedApplicationInstance"
- ]
- },
- "list": {
- "permissions": [
- "nimble:ListStudios"
- ]
- },
- "read": {
- "permissions": [
- "nimble:GetStudio",
- "kms:Encrypt",
- "kms:Decrypt",
- "kms:ListGrants",
- "kms:GenerateDataKey"
- ]
- },
- "update": {
- "permissions": [
- "iam:PassRole",
- "nimble:UpdateStudio",
- "nimble:GetStudio",
- "kms:Encrypt",
- "kms:Decrypt",
- "kms:CreateGrant",
- "kms:ListGrants",
- "kms:GenerateDataKey"
- ]
- }
- },
- "primaryIdentifier": [
- "/properties/StudioId"
- ],
- "properties": {
- "AdminRoleArn": {
- "description": "The IAM role that Studio Admins will assume when logging in to the Nimble Studio portal.
",
- "type": "string"
- },
- "DisplayName": {
- "description": "A friendly name for the studio.
",
- "maxLength": 64,
- "minLength": 0,
- "type": "string"
- },
- "HomeRegion": {
- "description": "The Amazon Web Services Region where the studio resource is located.
",
- "maxLength": 50,
- "minLength": 0,
- "pattern": "[a-z]{2}-?(iso|gov)?-{1}[a-z]*-{1}[0-9]",
- "type": "string"
- },
- "SsoClientId": {
- "description": "The Amazon Web Services SSO application client ID used to integrate with Amazon Web Services SSO to enable Amazon Web Services SSO users to log in to Nimble Studio portal.
",
- "type": "string"
- },
- "StudioEncryptionConfiguration": {
- "$ref": "#/definitions/StudioEncryptionConfiguration"
- },
- "StudioId": {
- "type": "string"
- },
- "StudioName": {
- "description": "The studio name that is used in the URL of the Nimble Studio portal when accessed by Nimble Studio users.
",
- "maxLength": 64,
- "minLength": 3,
- "pattern": "^[a-z0-9]*$",
- "type": "string"
- },
- "StudioUrl": {
- "description": "The address of the web page for the studio.
",
- "type": "string"
- },
- "Tags": {
- "$ref": "#/definitions/Tags"
- },
- "UserRoleArn": {
- "description": "The IAM role that Studio Users will assume when logging in to the Nimble Studio portal.
",
- "type": "string"
- }
- },
- "readOnlyProperties": [
- "/properties/HomeRegion",
- "/properties/SsoClientId",
- "/properties/StudioId",
- "/properties/StudioUrl"
- ],
- "required": [
- "DisplayName",
- "UserRoleArn",
- "AdminRoleArn",
- "StudioName"
- ],
- "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-nimblestudio",
- "typeName": "AWS::NimbleStudio::Studio"
-}
diff --git a/schema/aws-nimblestudio-studiocomponent.json b/schema/aws-nimblestudio-studiocomponent.json
deleted file mode 100644
index 0399eab..0000000
--- a/schema/aws-nimblestudio-studiocomponent.json
+++ /dev/null
@@ -1,393 +0,0 @@
-{
- "additionalProperties": false,
- "createOnlyProperties": [
- "/properties/StudioId",
- "/properties/Subtype",
- "/properties/Tags"
- ],
- "definitions": {
- "ActiveDirectoryComputerAttribute": {
- "additionalProperties": false,
- "description": "An LDAP attribute of an Active Directory computer account, in the form of a name:value\n pair.
",
- "properties": {
- "Name": {
- "description": "The name for the LDAP attribute.
",
- "maxLength": 40,
- "minLength": 1,
- "type": "string"
- },
- "Value": {
- "description": "The value for the LDAP attribute.
",
- "maxLength": 64,
- "minLength": 1,
- "type": "string"
- }
- },
- "type": "object"
- },
- "ActiveDirectoryConfiguration": {
- "additionalProperties": false,
- "description": "The configuration for a Microsoft Active Directory (Microsoft AD) studio\n resource.
",
- "properties": {
- "ComputerAttributes": {
- "description": "A collection of custom attributes for an Active Directory computer.
",
- "items": {
- "$ref": "#/definitions/ActiveDirectoryComputerAttribute"
- },
- "maxItems": 50,
- "minItems": 0,
- "type": "array"
- },
- "DirectoryId": {
- "description": "The directory ID of the Directory Service for Microsoft Active Directory to access\n using this studio component.
",
- "type": "string"
- },
- "OrganizationalUnitDistinguishedName": {
- "description": "The distinguished name (DN) and organizational unit (OU) of an Active Directory\n computer.
",
- "maxLength": 2000,
- "minLength": 1,
- "type": "string"
- }
- },
- "type": "object"
- },
- "ComputeFarmConfiguration": {
- "additionalProperties": false,
- "description": "The configuration for a render farm that is associated with a studio resource.
",
- "properties": {
- "ActiveDirectoryUser": {
- "description": "The name of an Active Directory user that is used on ComputeFarm worker\n instances.
",
- "type": "string"
- },
- "Endpoint": {
- "description": "The endpoint of the ComputeFarm that is accessed by the studio component\n resource.
",
- "type": "string"
- }
- },
- "type": "object"
- },
- "LaunchProfilePlatform": {
- "enum": [
- "LINUX",
- "WINDOWS"
- ],
- "type": "string"
- },
- "LicenseServiceConfiguration": {
- "additionalProperties": false,
- "description": "The configuration for a license service that is associated with a studio\n resource.
",
- "properties": {
- "Endpoint": {
- "description": "The endpoint of the license service that is accessed by the studio component\n resource.
",
- "type": "string"
- }
- },
- "type": "object"
- },
- "ScriptParameterKeyValue": {
- "additionalProperties": false,
- "description": "A parameter for a studio component script, in the form of a key:value pair.
",
- "properties": {
- "Key": {
- "description": "A script parameter key.
",
- "maxLength": 64,
- "minLength": 1,
- "pattern": "^[a-zA-Z_][a-zA-Z0-9_]+$",
- "type": "string"
- },
- "Value": {
- "description": "A script parameter value.
",
- "maxLength": 256,
- "minLength": 1,
- "type": "string"
- }
- },
- "type": "object"
- },
- "SharedFileSystemConfiguration": {
- "additionalProperties": false,
- "description": "The configuration for a shared file storage system that is associated with a studio\n resource.
",
- "properties": {
- "Endpoint": {
- "description": "The endpoint of the shared file system that is accessed by the studio component\n resource.
",
- "type": "string"
- },
- "FileSystemId": {
- "description": "The unique identifier for a file system.
",
- "type": "string"
- },
- "LinuxMountPoint": {
- "description": "The mount location for a shared file system on a Linux virtual workstation.
",
- "maxLength": 128,
- "minLength": 0,
- "pattern": "^(/?|(\\$HOME)?(/[^/\\n\\s\\\\]+)*)$",
- "type": "string"
- },
- "ShareName": {
- "description": "The name of the file share.
",
- "type": "string"
- },
- "WindowsMountDrive": {
- "description": "The mount location for a shared file system on a Windows virtual workstation.
",
- "pattern": "^[A-Z]$",
- "type": "string"
- }
- },
- "type": "object"
- },
- "StudioComponentConfiguration": {
- "description": "The configuration of the studio component, based on component type.
",
- "oneOf": [
- {
- "additionalProperties": false,
- "properties": {
- "ActiveDirectoryConfiguration": {
- "$ref": "#/definitions/ActiveDirectoryConfiguration"
- }
- },
- "required": [
- "ActiveDirectoryConfiguration"
- ],
- "title": "ActiveDirectoryConfiguration",
- "type": "object"
- },
- {
- "additionalProperties": false,
- "properties": {
- "ComputeFarmConfiguration": {
- "$ref": "#/definitions/ComputeFarmConfiguration"
- }
- },
- "required": [
- "ComputeFarmConfiguration"
- ],
- "title": "ComputeFarmConfiguration",
- "type": "object"
- },
- {
- "additionalProperties": false,
- "properties": {
- "LicenseServiceConfiguration": {
- "$ref": "#/definitions/LicenseServiceConfiguration"
- }
- },
- "required": [
- "LicenseServiceConfiguration"
- ],
- "title": "LicenseServiceConfiguration",
- "type": "object"
- },
- {
- "additionalProperties": false,
- "properties": {
- "SharedFileSystemConfiguration": {
- "$ref": "#/definitions/SharedFileSystemConfiguration"
- }
- },
- "required": [
- "SharedFileSystemConfiguration"
- ],
- "title": "SharedFileSystemConfiguration",
- "type": "object"
- }
- ]
- },
- "StudioComponentInitializationScript": {
- "additionalProperties": false,
- "description": "Initialization scripts for studio components.
",
- "properties": {
- "LaunchProfileProtocolVersion": {
- "description": "The version number of the protocol that is used by the launch profile. The only valid\n version is \"2021-03-31\".
",
- "maxLength": 10,
- "minLength": 0,
- "pattern": "^2021\\-03\\-31$",
- "type": "string"
- },
- "Platform": {
- "$ref": "#/definitions/LaunchProfilePlatform"
- },
- "RunContext": {
- "$ref": "#/definitions/StudioComponentInitializationScriptRunContext"
- },
- "Script": {
- "description": "The initialization script.
",
- "maxLength": 5120,
- "minLength": 1,
- "type": "string"
- }
- },
- "type": "object"
- },
- "StudioComponentInitializationScriptRunContext": {
- "enum": [
- "SYSTEM_INITIALIZATION",
- "USER_INITIALIZATION"
- ],
- "type": "string"
- },
- "StudioComponentSubtype": {
- "enum": [
- "AWS_MANAGED_MICROSOFT_AD",
- "AMAZON_FSX_FOR_WINDOWS",
- "AMAZON_FSX_FOR_LUSTRE",
- "CUSTOM"
- ],
- "type": "string"
- },
- "StudioComponentType": {
- "enum": [
- "ACTIVE_DIRECTORY",
- "SHARED_FILE_SYSTEM",
- "COMPUTE_FARM",
- "LICENSE_SERVICE",
- "CUSTOM"
- ],
- "type": "string"
- },
- "Tags": {
- "additionalProperties": false,
- "patternProperties": {
- ".+": {
- "type": "string"
- }
- },
- "type": "object"
- }
- },
- "description": "Represents a studio component that connects a non-Nimble Studio resource in your account to your studio",
- "handlers": {
- "create": {
- "permissions": [
- "iam:PassRole",
- "nimble:CreateStudioComponent",
- "nimble:GetStudioComponent",
- "nimble:TagResource",
- "ds:AuthorizeApplication",
- "ec2:DescribeSecurityGroups",
- "fsx:DescribeFilesystems",
- "ds:DescribeDirectories"
- ]
- },
- "delete": {
- "permissions": [
- "nimble:DeleteStudioComponent",
- "nimble:GetStudioComponent",
- "nimble:UntagResource",
- "ds:UnauthorizeApplication"
- ]
- },
- "list": {
- "handlerSchema": {
- "properties": {
- "StudioId": {
- "$ref": "resource-schema.json#/properties/StudioId"
- }
- },
- "required": [
- "StudioId"
- ]
- },
- "permissions": [
- "nimble:ListStudioComponents"
- ]
- },
- "read": {
- "permissions": [
- "nimble:GetStudioComponent"
- ]
- },
- "update": {
- "permissions": [
- "iam:PassRole",
- "nimble:UpdateStudioComponent",
- "nimble:GetStudioComponent",
- "ds:AuthorizeApplication",
- "ec2:DescribeSecurityGroups",
- "fsx:DescribeFilesystems",
- "ds:DescribeDirectories"
- ]
- }
- },
- "primaryIdentifier": [
- "/properties/StudioComponentId",
- "/properties/StudioId"
- ],
- "properties": {
- "Configuration": {
- "$ref": "#/definitions/StudioComponentConfiguration"
- },
- "Description": {
- "description": "The description.
",
- "maxLength": 256,
- "minLength": 0,
- "type": "string"
- },
- "Ec2SecurityGroupIds": {
- "description": "The EC2 security groups that control access to the studio component.
",
- "items": {
- "type": "string"
- },
- "maxItems": 30,
- "minItems": 0,
- "type": "array"
- },
- "InitializationScripts": {
- "description": "Initialization scripts for studio components.
",
- "items": {
- "$ref": "#/definitions/StudioComponentInitializationScript"
- },
- "type": "array"
- },
- "Name": {
- "description": "The name for the studio component.
",
- "maxLength": 64,
- "minLength": 0,
- "type": "string"
- },
- "RuntimeRoleArn": {
- "maxLength": 2048,
- "minLength": 0,
- "type": "string"
- },
- "ScriptParameters": {
- "description": "Parameters for the studio component scripts.
",
- "items": {
- "$ref": "#/definitions/ScriptParameterKeyValue"
- },
- "maxItems": 30,
- "minItems": 0,
- "type": "array"
- },
- "SecureInitializationRoleArn": {
- "maxLength": 2048,
- "minLength": 0,
- "type": "string"
- },
- "StudioComponentId": {
- "type": "string"
- },
- "StudioId": {
- "description": "The studio ID.
",
- "type": "string"
- },
- "Subtype": {
- "$ref": "#/definitions/StudioComponentSubtype"
- },
- "Tags": {
- "$ref": "#/definitions/Tags"
- },
- "Type": {
- "$ref": "#/definitions/StudioComponentType"
- }
- },
- "readOnlyProperties": [
- "/properties/StudioComponentId"
- ],
- "required": [
- "StudioId",
- "Name",
- "Type"
- ],
- "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-nimblestudio",
- "typeName": "AWS::NimbleStudio::StudioComponent"
-}
diff --git a/schema/aws-notifications-channelassociation.json b/schema/aws-notifications-channelassociation.json
new file mode 100644
index 0000000..5fdd15e
--- /dev/null
+++ b/schema/aws-notifications-channelassociation.json
@@ -0,0 +1,66 @@
+{
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/Arn",
+ "/properties/NotificationConfigurationArn"
+ ],
+ "description": "Definition of AWS::Notifications::ChannelAssociation Resource Type",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "notifications:AssociateChannel",
+ "notifications:ListChannels"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "notifications:DisassociateChannel"
+ ]
+ },
+ "list": {
+ "handlerSchema": {
+ "properties": {
+ "NotificationConfigurationArn": {
+ "pattern": "^arn:aws:notifications::[0-9]{12}:configuration\\/[a-z0-9]{27}$",
+ "type": "string"
+ }
+ },
+ "required": [
+ "NotificationConfigurationArn"
+ ]
+ },
+ "permissions": [
+ "notifications:ListChannels"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "notifications:ListChannels"
+ ]
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/Arn",
+ "/properties/NotificationConfigurationArn"
+ ],
+ "properties": {
+ "Arn": {
+ "description": "ARN identifier of the channel.\nExample: arn:aws:chatbot::123456789012:chat-configuration/slack-channel/security-ops",
+ "pattern": "^arn:aws:(chatbot|consoleapp|notifications-contacts):[a-zA-Z0-9-]*:[0-9]{12}:[a-zA-Z0-9-_.@]+/[a-zA-Z0-9/_.@:-]+$",
+ "type": "string"
+ },
+ "NotificationConfigurationArn": {
+ "description": "ARN identifier of the NotificationConfiguration.\nExample: arn:aws:notifications::123456789012:configuration/a01jes88qxwkbj05xv9c967pgm1",
+ "pattern": "^arn:aws:notifications::[0-9]{12}:configuration\\/[a-z0-9]{27}$",
+ "type": "string"
+ }
+ },
+ "required": [
+ "Arn",
+ "NotificationConfigurationArn"
+ ],
+ "tagging": {
+ "taggable": false
+ },
+ "typeName": "AWS::Notifications::ChannelAssociation"
+}
diff --git a/schema/aws-notifications-eventrule.json b/schema/aws-notifications-eventrule.json
new file mode 100644
index 0000000..623c908
--- /dev/null
+++ b/schema/aws-notifications-eventrule.json
@@ -0,0 +1,163 @@
+{
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/EventType",
+ "/properties/NotificationConfigurationArn",
+ "/properties/Source"
+ ],
+ "definitions": {
+ "EventRuleStatus": {
+ "enum": [
+ "ACTIVE",
+ "INACTIVE",
+ "CREATING",
+ "UPDATING",
+ "DELETING"
+ ],
+ "type": "string"
+ },
+ "EventRuleStatusSummary": {
+ "additionalProperties": false,
+ "properties": {
+ "Reason": {
+ "type": "string"
+ },
+ "Status": {
+ "$ref": "#/definitions/EventRuleStatus"
+ }
+ },
+ "required": [
+ "Reason",
+ "Status"
+ ],
+ "type": "object"
+ },
+ "StatusSummaryByRegion": {
+ "additionalProperties": false,
+ "patternProperties": {
+ "^([a-z]{1,2})-([a-z]{1,15}-)+([0-9])$": {
+ "$ref": "#/definitions/EventRuleStatusSummary"
+ }
+ },
+ "type": "object"
+ },
+ "Unit": {
+ "additionalProperties": false,
+ "type": "object"
+ }
+ },
+ "description": "Definition of AWS::Notifications::EventRule Resource Type",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "notifications:CreateEventRule",
+ "notifications:UpdateEventRule",
+ "notifications:GetEventRule"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "notifications:DeleteEventRule",
+ "notifications:GetEventRule"
+ ]
+ },
+ "list": {
+ "handlerSchema": {
+ "properties": {
+ "NotificationConfigurationArn": {
+ "pattern": "^arn:aws:notifications::[0-9]{12}:configuration\\/[a-z0-9]{27}$",
+ "type": "string"
+ }
+ },
+ "required": [
+ "NotificationConfigurationArn"
+ ]
+ },
+ "permissions": [
+ "notifications:ListEventRules",
+ "notifications:GetEventRule"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "notifications:GetEventRule"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "notifications:UpdateEventRule",
+ "notifications:GetEventRule"
+ ]
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/Arn"
+ ],
+ "properties": {
+ "Arn": {
+ "pattern": "^arn:aws:notifications::[0-9]{12}:configuration/[a-z0-9]{27}/rule/[a-z0-9]{27}$",
+ "type": "string"
+ },
+ "CreationTime": {
+ "format": "date-time",
+ "type": "string"
+ },
+ "EventPattern": {
+ "maxLength": 4096,
+ "minLength": 0,
+ "type": "string"
+ },
+ "EventType": {
+ "maxLength": 128,
+ "minLength": 1,
+ "pattern": "^([a-zA-Z0-9 \\-\\(\\)])+$",
+ "type": "string"
+ },
+ "ManagedRules": {
+ "items": {
+ "pattern": "^arn:aws:events:[a-z-\\d]{2,25}:\\d{12}:rule\\/[a-zA-Z-\\d]{1,1024}$",
+ "type": "string"
+ },
+ "type": "array"
+ },
+ "NotificationConfigurationArn": {
+ "pattern": "^arn:aws:notifications::[0-9]{12}:configuration/[a-z0-9]{27}$",
+ "type": "string"
+ },
+ "Regions": {
+ "items": {
+ "maxLength": 25,
+ "minLength": 2,
+ "pattern": "^([a-z]{1,2})-([a-z]{1,15}-)+([0-9])$",
+ "type": "string"
+ },
+ "minItems": 1,
+ "type": "array"
+ },
+ "Source": {
+ "maxLength": 36,
+ "minLength": 1,
+ "pattern": "^aws.([a-z0-9\\-])+$",
+ "type": "string"
+ },
+ "StatusSummaryByRegion": {
+ "$ref": "#/definitions/StatusSummaryByRegion"
+ }
+ },
+ "readOnlyProperties": [
+ "/properties/Arn",
+ "/properties/CreationTime",
+ "/properties/ManagedRules",
+ "/properties/StatusSummaryByRegion"
+ ],
+ "required": [
+ "EventType",
+ "NotificationConfigurationArn",
+ "Regions",
+ "Source"
+ ],
+ "tagging": {
+ "taggable": false
+ },
+ "typeName": "AWS::Notifications::EventRule"
+}
diff --git a/schema/aws-notifications-managednotificationaccountcontactassociation.json b/schema/aws-notifications-managednotificationaccountcontactassociation.json
new file mode 100644
index 0000000..f1f6d14
--- /dev/null
+++ b/schema/aws-notifications-managednotificationaccountcontactassociation.json
@@ -0,0 +1,86 @@
+{
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/ManagedNotificationConfigurationArn",
+ "/properties/ContactIdentifier"
+ ],
+ "definitions": {
+ "ContactIdentifier": {
+ "description": "This unique identifier for Contact",
+ "enum": [
+ "ACCOUNT_PRIMARY",
+ "ACCOUNT_ALTERNATE_SECURITY",
+ "ACCOUNT_ALTERNATE_OPERATIONS",
+ "ACCOUNT_ALTERNATE_BILLING"
+ ],
+ "type": "string"
+ },
+ "ManagedNotificationConfigurationArn": {
+ "description": "The managed notification configuration ARN, against which the account contact association will be created",
+ "pattern": "^arn:[-.a-z0-9]{1,63}:notifications::[0-9]{12}:managed-notification-configuration/category/[a-zA-Z0-9-]{3,64}/sub-category/[a-zA-Z0-9-]{3,64}$",
+ "type": "string"
+ }
+ },
+ "description": "This resource schema represents the ManagedNotificationAccountContactAssociation resource in the AWS User Notifications.",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "notifications:AssociateManagedNotificationAccountContact",
+ "notifications:ListManagedNotificationChannelAssociations"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "notifications:DisassociateManagedNotificationAccountContact",
+ "notifications:ListManagedNotificationChannelAssociations"
+ ]
+ },
+ "list": {
+ "handlerSchema": {
+ "properties": {
+ "ManagedNotificationConfigurationArn": {
+ "pattern": "^arn:[-.a-z0-9]{1,63}:notifications::([0-9]{12}|):managed-notification-configuration/category/[a-zA-Z0-9-]{3,64}/sub-category/[a-zA-Z0-9-]{3,64}$",
+ "type": "string"
+ }
+ },
+ "required": [
+ "ManagedNotificationConfigurationArn"
+ ]
+ },
+ "permissions": [
+ "notifications:ListManagedNotificationChannelAssociations"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "notifications:ListManagedNotificationChannelAssociations"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "notifications:ListManagedNotificationChannelAssociations"
+ ]
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/ManagedNotificationConfigurationArn",
+ "/properties/ContactIdentifier"
+ ],
+ "properties": {
+ "ContactIdentifier": {
+ "$ref": "#/definitions/ContactIdentifier"
+ },
+ "ManagedNotificationConfigurationArn": {
+ "$ref": "#/definitions/ManagedNotificationConfigurationArn"
+ }
+ },
+ "required": [
+ "ContactIdentifier",
+ "ManagedNotificationConfigurationArn"
+ ],
+ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git",
+ "tagging": {
+ "taggable": false
+ },
+ "typeName": "AWS::Notifications::ManagedNotificationAccountContactAssociation"
+}
diff --git a/schema/aws-notifications-managednotificationadditionalchannelassociation.json b/schema/aws-notifications-managednotificationadditionalchannelassociation.json
new file mode 100644
index 0000000..61c13a2
--- /dev/null
+++ b/schema/aws-notifications-managednotificationadditionalchannelassociation.json
@@ -0,0 +1,66 @@
+{
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/ChannelArn",
+ "/properties/ManagedNotificationConfigurationArn"
+ ],
+ "description": "Definition of AWS::Notifications::ManagedNotificationAdditionalChannelAssociation Resource Type",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "notifications:AssociateManagedNotificationAdditionalChannel",
+ "notifications:ListManagedNotificationChannelAssociations"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "notifications:DisassociateManagedNotificationAdditionalChannel",
+ "notifications:ListManagedNotificationChannelAssociations"
+ ]
+ },
+ "list": {
+ "handlerSchema": {
+ "properties": {
+ "NotificationConfigurationArn": {
+ "type": "string"
+ }
+ },
+ "required": [
+ "ManagedNotificationConfigurationArn"
+ ]
+ },
+ "permissions": [
+ "notifications:ListManagedNotificationChannelAssociations"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "notifications:ListManagedNotificationChannelAssociations"
+ ]
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/ChannelArn",
+ "/properties/ManagedNotificationConfigurationArn"
+ ],
+ "properties": {
+ "ChannelArn": {
+ "description": "ARN identifier of the channel.\nExample: arn:aws:chatbot::123456789012:chat-configuration/slack-channel/security-ops",
+ "pattern": "^arn:aws:(chatbot|consoleapp|notifications-contacts):[a-zA-Z0-9-]*:[0-9]{12}:[a-zA-Z0-9-_.@]+/[a-zA-Z0-9/_.@:-]+$",
+ "type": "string"
+ },
+ "ManagedNotificationConfigurationArn": {
+ "description": "ARN identifier of the Managed Notification.\nExample: arn:aws:notifications::381491923782:managed-notification-configuration/category/AWS-Health/sub-category/Billing",
+ "pattern": "^arn:[-.a-z0-9]{1,63}:notifications::[0-9]{12}:managed-notification-configuration/category/[a-zA-Z0-9-]{3,64}/sub-category/[a-zA-Z0-9-]{3,64}$",
+ "type": "string"
+ }
+ },
+ "required": [
+ "ChannelArn",
+ "ManagedNotificationConfigurationArn"
+ ],
+ "tagging": {
+ "taggable": false
+ },
+ "typeName": "AWS::Notifications::ManagedNotificationAdditionalChannelAssociation"
+}
diff --git a/schema/aws-notifications-notificationconfiguration.json b/schema/aws-notifications-notificationconfiguration.json
new file mode 100644
index 0000000..f1a9e88
--- /dev/null
+++ b/schema/aws-notifications-notificationconfiguration.json
@@ -0,0 +1,153 @@
+{
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/Tags"
+ ],
+ "definitions": {
+ "AggregationDuration": {
+ "enum": [
+ "LONG",
+ "SHORT",
+ "NONE"
+ ],
+ "type": "string"
+ },
+ "NotificationConfigurationStatus": {
+ "enum": [
+ "ACTIVE",
+ "PARTIALLY_ACTIVE",
+ "INACTIVE",
+ "DELETING"
+ ],
+ "type": "string"
+ },
+ "Tag": {
+ "additionalProperties": false,
+ "properties": {
+ "Key": {
+ "maxLength": 128,
+ "minLength": 1,
+ "type": "string"
+ },
+ "Value": {
+ "maxLength": 256,
+ "minLength": 0,
+ "type": "string"
+ }
+ },
+ "required": [
+ "Key",
+ "Value"
+ ],
+ "type": "object"
+ },
+ "TagMap": {
+ "description": "A list of tags that are attached to the role.",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/Tag"
+ },
+ "type": "array",
+ "uniqueItems": false
+ }
+ },
+ "description": "Definition of AWS::Notifications::NotificationConfiguration Resource Type",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "notifications:CreateNotificationConfiguration",
+ "notifications:GetNotificationConfiguration",
+ "notifications:UpdateNotificationConfiguration",
+ "notifications:TagResource",
+ "notifications:UntagResource",
+ "notifications:ListTagsForResource",
+ "iam:CreateServiceLinkedRole"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "notifications:DeleteNotificationConfiguration"
+ ]
+ },
+ "list": {
+ "permissions": [
+ "notifications:ListNotificationConfigurations",
+ "notifications:ListTagsForResource"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "notifications:GetNotificationConfiguration",
+ "notifications:ListTagsForResource",
+ "notifications:TagResource",
+ "notifications:UntagResource"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "notifications:CreateNotificationConfiguration",
+ "notifications:GetNotificationConfiguration",
+ "notifications:UpdateNotificationConfiguration",
+ "notifications:TagResource",
+ "notifications:UntagResource",
+ "notifications:ListTagsForResource"
+ ]
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/Arn"
+ ],
+ "properties": {
+ "AggregationDuration": {
+ "$ref": "#/definitions/AggregationDuration"
+ },
+ "Arn": {
+ "pattern": "^arn:aws:notifications::[0-9]{12}:configuration/[a-z0-9]{27}$",
+ "type": "string"
+ },
+ "CreationTime": {
+ "format": "date-time",
+ "type": "string"
+ },
+ "Description": {
+ "maxLength": 256,
+ "minLength": 0,
+ "pattern": "^[^\\u0001-\\u001F\\u007F-\\u009F]*$",
+ "type": "string"
+ },
+ "Name": {
+ "maxLength": 64,
+ "minLength": 1,
+ "pattern": "^[A-Za-z0-9_\\-]+$",
+ "type": "string"
+ },
+ "Status": {
+ "$ref": "#/definitions/NotificationConfigurationStatus"
+ },
+ "Tags": {
+ "$ref": "#/definitions/TagMap"
+ }
+ },
+ "readOnlyProperties": [
+ "/properties/CreationTime",
+ "/properties/Status",
+ "/properties/Arn"
+ ],
+ "required": [
+ "Description",
+ "Name"
+ ],
+ "tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "notifications:TagResource",
+ "notifications:UntagResource",
+ "notifications:ListTagsForResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": false,
+ "taggable": true
+ },
+ "typeName": "AWS::Notifications::NotificationConfiguration"
+}
diff --git a/schema/aws-notifications-notificationhub.json b/schema/aws-notifications-notificationhub.json
new file mode 100644
index 0000000..3d1bf1d
--- /dev/null
+++ b/schema/aws-notifications-notificationhub.json
@@ -0,0 +1,92 @@
+{
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/Region"
+ ],
+ "definitions": {
+ "NotificationHubStatus": {
+ "enum": [
+ "ACTIVE",
+ "REGISTERING",
+ "DEREGISTERING",
+ "INACTIVE"
+ ],
+ "type": "string"
+ },
+ "NotificationHubStatusSummary": {
+ "additionalProperties": false,
+ "properties": {
+ "NotificationHubStatus": {
+ "$ref": "#/definitions/NotificationHubStatus"
+ },
+ "NotificationHubStatusReason": {
+ "type": "string"
+ }
+ },
+ "required": [
+ "NotificationHubStatus",
+ "NotificationHubStatusReason"
+ ],
+ "type": "object"
+ },
+ "Region": {
+ "description": "Region that NotificationHub is present in.",
+ "maxLength": 25,
+ "minLength": 2,
+ "pattern": "^([a-z]{1,2})-([a-z]{1,15}-)+([0-9])$",
+ "type": "string"
+ }
+ },
+ "description": "Definition of AWS::Notifications::NotificationHub Resource Type",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "notifications:RegisterNotificationHub",
+ "notifications:ListNotificationHubs",
+ "iam:CreateServiceLinkedRole"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "notifications:DeregisterNotificationHub",
+ "notifications:ListNotificationHubs"
+ ]
+ },
+ "list": {
+ "permissions": [
+ "notifications:ListNotificationHubs"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "notifications:ListNotificationHubs"
+ ]
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/Region"
+ ],
+ "properties": {
+ "CreationTime": {
+ "format": "date-time",
+ "type": "string"
+ },
+ "NotificationHubStatusSummary": {
+ "$ref": "#/definitions/NotificationHubStatusSummary"
+ },
+ "Region": {
+ "$ref": "#/definitions/Region"
+ }
+ },
+ "readOnlyProperties": [
+ "/properties/CreationTime",
+ "/properties/NotificationHubStatusSummary"
+ ],
+ "required": [
+ "Region"
+ ],
+ "tagging": {
+ "taggable": false
+ },
+ "typeName": "AWS::Notifications::NotificationHub"
+}
diff --git a/schema/aws-notificationscontacts-emailcontact.json b/schema/aws-notificationscontacts-emailcontact.json
new file mode 100644
index 0000000..680353b
--- /dev/null
+++ b/schema/aws-notificationscontacts-emailcontact.json
@@ -0,0 +1,177 @@
+{
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/EmailAddress",
+ "/properties/Name",
+ "/properties/Tags"
+ ],
+ "definitions": {
+ "EmailContact": {
+ "additionalProperties": false,
+ "properties": {
+ "Address": {
+ "maxLength": 254,
+ "minLength": 6,
+ "pattern": "^(.+)@(.+)$",
+ "type": "string"
+ },
+ "Arn": {
+ "pattern": "^arn:aws:notifications-contacts::[0-9]{12}:emailcontact/[a-z0-9]{27}$",
+ "type": "string"
+ },
+ "CreationTime": {
+ "format": "date-time",
+ "type": "string"
+ },
+ "Name": {
+ "maxLength": 64,
+ "minLength": 1,
+ "pattern": "[\\w-.~]+",
+ "type": "string"
+ },
+ "Status": {
+ "$ref": "#/definitions/EmailContactStatus"
+ },
+ "UpdateTime": {
+ "format": "date-time",
+ "type": "string"
+ }
+ },
+ "required": [
+ "Address",
+ "Arn",
+ "CreationTime",
+ "Name",
+ "Status",
+ "UpdateTime"
+ ],
+ "type": "object"
+ },
+ "EmailContactStatus": {
+ "enum": [
+ "inactive",
+ "active"
+ ],
+ "type": "string"
+ },
+ "Tag": {
+ "additionalProperties": false,
+ "properties": {
+ "Key": {
+ "maxLength": 128,
+ "minLength": 1,
+ "type": "string"
+ },
+ "Value": {
+ "maxLength": 256,
+ "minLength": 0,
+ "type": "string"
+ }
+ },
+ "required": [
+ "Key",
+ "Value"
+ ],
+ "type": "object"
+ },
+ "TagMap": {
+ "description": "A list of tags that are attached to the role.",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/Tag"
+ },
+ "type": "array",
+ "uniqueItems": false
+ }
+ },
+ "description": "Definition of AWS::NotificationsContacts::EmailContact Resource Type",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "notifications-contacts:CreateEmailContact",
+ "notifications-contacts:GetEmailContact",
+ "notifications-contacts:SendActivationCode",
+ "notifications-contacts:ListEmailContacts",
+ "notifications-contacts:TagResource",
+ "notifications-contacts:UntagResource",
+ "notifications-contacts:ListTagsForResource"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "notifications-contacts:DeleteEmailContact",
+ "notifications-contacts:GetEmailContact"
+ ]
+ },
+ "list": {
+ "permissions": [
+ "notifications-contacts:ListEmailContacts"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "notifications-contacts:GetEmailContact",
+ "notifications-contacts:ListTagsForResource",
+ "notifications-contacts:TagResource"
+ ]
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/Arn"
+ ],
+ "properties": {
+ "Arn": {
+ "pattern": "^arn:aws:notifications-contacts::[0-9]{12}:emailcontact/[a-z0-9]{27}$",
+ "type": "string"
+ },
+ "EmailAddress": {
+ "maxLength": 254,
+ "minLength": 6,
+ "pattern": "^(.+)@(.+)$",
+ "type": "string"
+ },
+ "EmailContact": {
+ "$ref": "#/definitions/EmailContact"
+ },
+ "Name": {
+ "maxLength": 64,
+ "minLength": 1,
+ "pattern": "[\\w-.~]+",
+ "type": "string"
+ },
+ "Tags": {
+ "$ref": "#/definitions/TagMap"
+ }
+ },
+ "readOnlyProperties": [
+ "/properties/Arn",
+ "/properties/EmailContact",
+ "/properties/EmailContact/Arn",
+ "/properties/EmailContact/Address",
+ "/properties/EmailContact/Name",
+ "/properties/EmailContact/Status",
+ "/properties/EmailContact/CreationTime",
+ "/properties/EmailContact/UpdateTime"
+ ],
+ "required": [
+ "EmailAddress",
+ "Name"
+ ],
+ "tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "notifications-contacts:TagResource",
+ "notifications-contacts:UntagResource",
+ "notifications-contacts:ListTagsForResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": false,
+ "taggable": true
+ },
+ "typeName": "AWS::NotificationsContacts::EmailContact",
+ "writeOnlyProperties": [
+ "/properties/EmailAddress",
+ "/properties/Name"
+ ]
+}
diff --git a/schema/aws-oam-link.json b/schema/aws-oam-link.json
index 3ac4025..adc5f8c 100644
--- a/schema/aws-oam-link.json
+++ b/schema/aws-oam-link.json
@@ -37,7 +37,9 @@
"AWS::Logs::LogGroup",
"AWS::XRay::Trace",
"AWS::ApplicationInsights::Application",
- "AWS::InternetMonitor::Monitor"
+ "AWS::InternetMonitor::Monitor",
+ "AWS::ApplicationSignals::Service",
+ "AWS::ApplicationSignals::ServiceLevelObjective"
],
"type": "string"
}
@@ -48,11 +50,14 @@
"permissions": [
"oam:CreateLink",
"oam:GetLink",
+ "oam:TagResource",
+ "oam:ListTagsForResource",
"cloudwatch:Link",
"logs:Link",
"xray:Link",
"applicationinsights:Link",
- "internetmonitor:Link"
+ "internetmonitor:Link",
+ "application-signals:Link"
]
},
"delete": {
@@ -68,7 +73,8 @@
},
"read": {
"permissions": [
- "oam:GetLink"
+ "oam:GetLink",
+ "oam:ListTagsForResource"
]
},
"update": {
@@ -80,8 +86,10 @@
"xray:Link",
"applicationinsights:Link",
"internetmonitor:Link",
+ "application-signals:Link",
"oam:TagResource",
- "oam:UntagResource"
+ "oam:UntagResource",
+ "oam:ListTagsForResource"
]
}
},
@@ -145,7 +153,13 @@
],
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "oam:ListTagsForResource",
+ "oam:UntagResource",
+ "oam:TagResource"
+ ],
"tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
"tagUpdatable": true,
"taggable": true
},
diff --git a/schema/aws-oam-sink.json b/schema/aws-oam-sink.json
index d3b3345..2c978a0 100644
--- a/schema/aws-oam-sink.json
+++ b/schema/aws-oam-sink.json
@@ -10,7 +10,9 @@
"oam:CreateSink",
"oam:PutSinkPolicy",
"oam:GetSinkPolicy",
- "oam:GetSink"
+ "oam:GetSink",
+ "oam:TagResource",
+ "oam:ListTagsForResource"
]
},
"delete": {
@@ -28,7 +30,8 @@
"read": {
"permissions": [
"oam:GetSinkPolicy",
- "oam:GetSink"
+ "oam:GetSink",
+ "oam:ListTagsForResource"
]
},
"update": {
@@ -37,7 +40,8 @@
"oam:GetSinkPolicy",
"oam:GetSink",
"oam:TagResource",
- "oam:UntagResource"
+ "oam:UntagResource",
+ "oam:ListTagsForResource"
]
}
},
@@ -84,7 +88,13 @@
],
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "oam:ListTagsForResource",
+ "oam:UntagResource",
+ "oam:TagResource"
+ ],
"tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
"tagUpdatable": true,
"taggable": true
},
diff --git a/schema/aws-omics-annotationstore.json b/schema/aws-omics-annotationstore.json
index 5351564..98a6986 100644
--- a/schema/aws-omics-annotationstore.json
+++ b/schema/aws-omics-annotationstore.json
@@ -285,7 +285,13 @@
],
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "omics:TagResource",
+ "omics:UntagResource",
+ "omics:ListTagsForResource"
+ ],
"tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
"tagUpdatable": true,
"taggable": true
},
diff --git a/schema/aws-omics-referencestore.json b/schema/aws-omics-referencestore.json
index b7bfadd..0bc9149 100644
--- a/schema/aws-omics-referencestore.json
+++ b/schema/aws-omics-referencestore.json
@@ -50,7 +50,8 @@
"create": {
"permissions": [
"omics:CreateReferenceStore",
- "omics:TagResource"
+ "omics:TagResource",
+ "kms:DescribeKey"
]
},
"delete": {
@@ -123,12 +124,14 @@
],
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "omics:TagResource",
+ "omics:ListTagsForResource"
+ ],
"tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
"tagUpdatable": false,
"taggable": true
},
- "typeName": "AWS::Omics::ReferenceStore",
- "writeOnlyProperties": [
- "/properties/Tags"
- ]
+ "typeName": "AWS::Omics::ReferenceStore"
}
diff --git a/schema/aws-omics-rungroup.json b/schema/aws-omics-rungroup.json
index 9071e7b..f348e5c 100644
--- a/schema/aws-omics-rungroup.json
+++ b/schema/aws-omics-rungroup.json
@@ -106,7 +106,13 @@
],
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "omics:TagResource",
+ "omics:UntagResource",
+ "omics:ListTagsForResource"
+ ],
"tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
"tagUpdatable": true,
"taggable": true
},
diff --git a/schema/aws-omics-sequencestore.json b/schema/aws-omics-sequencestore.json
index 54de14a..d4e0092 100644
--- a/schema/aws-omics-sequencestore.json
+++ b/schema/aws-omics-sequencestore.json
@@ -1,19 +1,34 @@
{
"additionalProperties": false,
"createOnlyProperties": [
- "/properties/Description",
- "/properties/Name",
- "/properties/FallbackLocation",
- "/properties/SseConfig",
- "/properties/Tags"
+ "/properties/ETagAlgorithmFamily",
+ "/properties/SseConfig"
],
"definitions": {
+ "ETagAlgorithmFamily": {
+ "enum": [
+ "MD5up",
+ "SHA256up",
+ "SHA512up"
+ ],
+ "type": "string"
+ },
"EncryptionType": {
"enum": [
"KMS"
],
"type": "string"
},
+ "SequenceStoreStatus": {
+ "enum": [
+ "CREATING",
+ "ACTIVE",
+ "UPDATING",
+ "DELETING",
+ "FAILED"
+ ],
+ "type": "string"
+ },
"SseConfig": {
"additionalProperties": false,
"description": "Server-side encryption (SSE) settings for a store.",
@@ -46,12 +61,17 @@
"type": "object"
}
},
- "description": "Definition of AWS::Omics::SequenceStore Resource Type",
+ "description": "Resource Type definition for AWS::Omics::SequenceStore",
"handlers": {
"create": {
"permissions": [
"omics:CreateSequenceStore",
- "omics:TagResource"
+ "omics:GetSequenceStore",
+ "omics:GetS3AccessPolicy",
+ "omics:PutS3AccessPolicy",
+ "omics:ListTagsForResource",
+ "omics:TagResource",
+ "kms:DescribeKey"
]
},
"delete": {
@@ -66,15 +86,33 @@
},
"read": {
"permissions": [
+ "omics:GetS3AccessPolicy",
"omics:GetSequenceStore",
"omics:ListTagsForResource"
]
+ },
+ "update": {
+ "permissions": [
+ "omics:UpdateSequenceStore",
+ "omics:GetSequenceStore",
+ "omics:TagResource",
+ "omics:UntagResource",
+ "omics:ListTagsForResource",
+ "omics:GetS3AccessPolicy",
+ "omics:DeleteS3AccessPolicy",
+ "omics:PutS3AccessPolicy"
+ ]
}
},
"primaryIdentifier": [
"/properties/SequenceStoreId"
],
"properties": {
+ "AccessLogLocation": {
+ "description": "Location of the access logs.",
+ "pattern": "^$|^s3://([a-z0-9][a-z0-9-.]{1,61}[a-z0-9])/?((.{1,800})/)?$",
+ "type": "string"
+ },
"Arn": {
"description": "The store's ARN.",
"maxLength": 127,
@@ -94,10 +132,13 @@
"pattern": "^[\\p{L}||\\p{M}||\\p{Z}||\\p{S}||\\p{N}||\\p{P}]+$",
"type": "string"
},
+ "ETagAlgorithmFamily": {
+ "$ref": "#/definitions/ETagAlgorithmFamily"
+ },
"FallbackLocation": {
- "description": "An S3 URI representing the bucket and folder to store failed read set uploads.",
- "minLength": 1,
- "pattern": "^s3:\\/\\/([a-z0-9][a-z0-9-.]{1,61}[a-z0-9])\\/?((.{1,1024})\\/)?$",
+ "description": "An S3 location that is used to store files that have failed a direct upload.",
+ "minLength": 0,
+ "pattern": "^$|^s3://([a-z0-9][a-z0-9-.]{1,61}[a-z0-9])/?((.{1,1024})/)?$",
"type": "string"
},
"Name": {
@@ -107,6 +148,33 @@
"pattern": "^[\\p{L}||\\p{M}||\\p{Z}||\\p{S}||\\p{N}||\\p{P}]+$",
"type": "string"
},
+ "PropagatedSetLevelTags": {
+ "description": "The tags keys to propagate to the S3 objects associated with read sets in the sequence store.",
+ "items": {
+ "maxLength": 128,
+ "minLength": 1,
+ "type": "string"
+ },
+ "maxItems": 50,
+ "minItems": 0,
+ "type": "array"
+ },
+ "S3AccessPointArn": {
+ "description": "This is ARN of the access point associated with the S3 bucket storing read sets.",
+ "maxLength": 1024,
+ "minLength": 1,
+ "pattern": "^arn:[^:]*:s3:[^:]*:[^:]*:accesspoint/.*$",
+ "type": "string"
+ },
+ "S3AccessPolicy": {
+ "description": "The resource policy that controls S3 access on the store",
+ "type": "object"
+ },
+ "S3Uri": {
+ "description": "The S3 URI of the sequence store.",
+ "pattern": "^s3://([a-z0-9][a-z0-9-.]{1,61}[a-z0-9])/(.{1,1024})$",
+ "type": "string"
+ },
"SequenceStoreId": {
"maxLength": 36,
"minLength": 10,
@@ -116,26 +184,49 @@
"SseConfig": {
"$ref": "#/definitions/SseConfig"
},
+ "Status": {
+ "$ref": "#/definitions/SequenceStoreStatus"
+ },
+ "StatusMessage": {
+ "description": "The status message of the sequence store.",
+ "maxLength": 127,
+ "minLength": 1,
+ "pattern": "^[\\p{L}||\\p{M}||\\p{Z}||\\p{S}||\\p{N}||\\p{P}]+$",
+ "type": "string"
+ },
"Tags": {
"$ref": "#/definitions/TagMap"
+ },
+ "UpdateTime": {
+ "description": "The last-updated time of the sequence store.",
+ "format": "date-time",
+ "type": "string"
}
},
"readOnlyProperties": [
"/properties/Arn",
"/properties/CreationTime",
- "/properties/SequenceStoreId"
+ "/properties/S3AccessPointArn",
+ "/properties/S3Uri",
+ "/properties/SequenceStoreId",
+ "/properties/Status",
+ "/properties/StatusMessage",
+ "/properties/UpdateTime"
],
"required": [
"Name"
],
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "omics:TagResource",
+ "omics:ListTagsForResource",
+ "omics:UntagResource"
+ ],
"tagOnCreate": true,
- "tagUpdatable": false,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
"taggable": true
},
- "typeName": "AWS::Omics::SequenceStore",
- "writeOnlyProperties": [
- "/properties/Tags"
- ]
+ "typeName": "AWS::Omics::SequenceStore"
}
diff --git a/schema/aws-omics-variantstore.json b/schema/aws-omics-variantstore.json
index f6bf53e..2dac788 100644
--- a/schema/aws-omics-variantstore.json
+++ b/schema/aws-omics-variantstore.json
@@ -175,7 +175,13 @@
],
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "omics:TagResource",
+ "omics:UntagResource",
+ "omics:ListTagsForResource"
+ ],
"tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
"tagUpdatable": true,
"taggable": true
},
diff --git a/schema/aws-omics-workflow.json b/schema/aws-omics-workflow.json
index 431c14c..c105d75 100644
--- a/schema/aws-omics-workflow.json
+++ b/schema/aws-omics-workflow.json
@@ -209,7 +209,13 @@
],
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "omics:TagResource",
+ "omics:UntagResource",
+ "omics:ListTagsForResource"
+ ],
"tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
"tagUpdatable": true,
"taggable": true
},
diff --git a/schema/aws-opensearchserverless-index.json b/schema/aws-opensearchserverless-index.json
new file mode 100644
index 0000000..781e76e
--- /dev/null
+++ b/schema/aws-opensearchserverless-index.json
@@ -0,0 +1,226 @@
+{
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/IndexName",
+ "/properties/CollectionEndpoint"
+ ],
+ "definitions": {
+ "IndexSettings": {
+ "additionalProperties": false,
+ "properties": {
+ "Index": {
+ "additionalProperties": false,
+ "properties": {
+ "Knn": {
+ "description": "Enable/disable k-nearest neighbor search capability",
+ "type": "boolean"
+ },
+ "KnnAlgoParamEfSearch": {
+ "description": "Size of the dynamic list for the nearest neighbors",
+ "type": "integer"
+ },
+ "RefreshInterval": {
+ "description": "How often to perform refresh operation (e.g. '1s', '5s')",
+ "type": "string"
+ }
+ },
+ "type": "object"
+ }
+ },
+ "type": "object"
+ },
+ "PropertyMapping": {
+ "additionalProperties": false,
+ "properties": {
+ "Dimension": {
+ "description": "Dimension size for vector fields, defines the number of dimensions in the vector",
+ "type": "integer"
+ },
+ "Index": {
+ "description": "Whether a field should be indexed",
+ "type": "boolean"
+ },
+ "Method": {
+ "additionalProperties": false,
+ "description": "Configuration for k-NN search method",
+ "properties": {
+ "Engine": {
+ "description": "The k-NN search engine to use",
+ "enum": [
+ "nmslib",
+ "faiss",
+ "lucene"
+ ],
+ "type": "string"
+ },
+ "Name": {
+ "description": "The algorithm name for k-NN search",
+ "enum": [
+ "hnsw",
+ "ivf"
+ ],
+ "type": "string"
+ },
+ "Parameters": {
+ "additionalProperties": false,
+ "description": "Additional parameters for the k-NN algorithm",
+ "properties": {
+ "EfConstruction": {
+ "description": "The size of the dynamic list used during k-NN graph creation",
+ "minimum": 1,
+ "type": "integer"
+ },
+ "M": {
+ "description": "Number of neighbors to consider during k-NN search",
+ "maximum": 100,
+ "minimum": 2,
+ "type": "integer"
+ }
+ },
+ "type": "object"
+ },
+ "SpaceType": {
+ "description": "The distance function used for k-NN search",
+ "enum": [
+ "l2",
+ "l1",
+ "linf",
+ "cosinesimil",
+ "innerproduct",
+ "hamming"
+ ],
+ "type": "string"
+ }
+ },
+ "required": [
+ "Name",
+ "Engine"
+ ],
+ "type": "object"
+ },
+ "Properties": {
+ "additionalProperties": false,
+ "description": "Nested fields within an object or nested field type",
+ "patternProperties": {
+ "^[A-Za-z0-9_.-]{1,64}$": {
+ "$ref": "#/definitions/PropertyMapping",
+ "description": "Nested field name and its mapping configuration"
+ }
+ },
+ "type": "object"
+ },
+ "Type": {
+ "description": "The field data type. Must be a valid OpenSearch field type.",
+ "enum": [
+ "text",
+ "knn_vector"
+ ],
+ "type": "string"
+ },
+ "Value": {
+ "description": "Default value for the field when not specified in a document",
+ "type": "string"
+ }
+ },
+ "required": [
+ "Type"
+ ],
+ "type": "object"
+ }
+ },
+ "description": "An OpenSearch Serverless index resource",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "aoss:APIAccessAll"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "aoss:APIAccessAll"
+ ]
+ },
+ "list": {
+ "handlerSchema": {
+ "properties": {
+ "CollectionEndpoint": {
+ "$ref": "resource-schema.json#/properties/CollectionEndpoint"
+ }
+ },
+ "required": [
+ "CollectionEndpoint"
+ ]
+ },
+ "permissions": [
+ "aoss:APIAccessAll"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "aoss:APIAccessAll"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "aoss:APIAccessAll"
+ ]
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/IndexName",
+ "/properties/CollectionEndpoint"
+ ],
+ "properties": {
+ "CollectionEndpoint": {
+ "description": "The endpoint for the collection.",
+ "type": "string"
+ },
+ "IndexName": {
+ "description": "The name of the OpenSearch Serverless index.",
+ "pattern": "^(?![_-])[a-z][a-z0-9_-]*$",
+ "type": "string"
+ },
+ "Mappings": {
+ "additionalProperties": false,
+ "description": "Index Mappings",
+ "properties": {
+ "Properties": {
+ "additionalProperties": false,
+ "description": "Defines the fields within the mapping, including their types and configurations",
+ "patternProperties": {
+ "^[A-Za-z0-9_.-]{1,64}$": {
+ "$ref": "#/definitions/PropertyMapping",
+ "description": "Field name and its mapping configuration"
+ }
+ },
+ "type": "object"
+ }
+ },
+ "type": "object"
+ },
+ "Settings": {
+ "$ref": "#/definitions/IndexSettings",
+ "description": "Index settings"
+ },
+ "Uuid": {
+ "description": "The unique identifier for the index.",
+ "type": "string"
+ }
+ },
+ "readOnlyProperties": [
+ "/properties/Uuid"
+ ],
+ "required": [
+ "CollectionEndpoint",
+ "IndexName"
+ ],
+ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-opensearchserverless",
+ "tagging": {
+ "taggable": false
+ },
+ "typeName": "AWS::OpenSearchServerless::Index",
+ "writeOnlyProperties": [
+ "/properties/Settings/Index/RefreshInterval",
+ "/properties/Settings/Index/KnnAlgoParamEfSearch"
+ ]
+}
diff --git a/schema/aws-opensearchserverless-securityconfig.json b/schema/aws-opensearchserverless-securityconfig.json
index ca9d5fc..283c730 100644
--- a/schema/aws-opensearchserverless-securityconfig.json
+++ b/schema/aws-opensearchserverless-securityconfig.json
@@ -7,9 +7,56 @@
"additionalProperties": false,
"createOnlyProperties": [
"/properties/Type",
- "/properties/Name"
+ "/properties/Name",
+ "/properties/IamIdentityCenterOptions/InstanceArn"
],
"definitions": {
+ "IamIdentityCenterApplicationArn": {
+ "description": "The ARN of the IAM Identity Center application used to integrate with OpenSearch Serverless",
+ "type": "string"
+ },
+ "IamIdentityCenterConfigOptions": {
+ "additionalProperties": false,
+ "description": "Describes IAM Identity Center options for an OpenSearch Serverless security configuration in the form of a key-value map",
+ "properties": {
+ "ApplicationArn": {
+ "$ref": "#/definitions/IamIdentityCenterApplicationArn"
+ },
+ "ApplicationDescription": {
+ "description": "The description of the IAM Identity Center application used to integrate with OpenSearch Serverless",
+ "type": "string"
+ },
+ "ApplicationName": {
+ "description": "The name of the IAM Identity Center application used to integrate with OpenSearch Serverless",
+ "type": "string"
+ },
+ "GroupAttribute": {
+ "$ref": "#/definitions/IamIdentityCenterGroupAttribute"
+ },
+ "InstanceArn": {
+ "$ref": "#/definitions/IamIdentityCenterInstanceArn"
+ },
+ "UserAttribute": {
+ "$ref": "#/definitions/IamIdentityCenterUserAttribute"
+ }
+ },
+ "required": [
+ "InstanceArn"
+ ],
+ "type": "object"
+ },
+ "IamIdentityCenterGroupAttribute": {
+ "description": "Group attribute for this IAM Identity Center integration",
+ "type": "string"
+ },
+ "IamIdentityCenterInstanceArn": {
+ "description": "The ARN of the IAM Identity Center instance used to integrate with OpenSearch Serverless",
+ "type": "string"
+ },
+ "IamIdentityCenterUserAttribute": {
+ "description": "User attribute for this IAM Identity Center integration",
+ "type": "string"
+ },
"SamlConfigOptions": {
"additionalProperties": false,
"description": "Describes saml options in form of key value map",
@@ -28,6 +75,13 @@
"pattern": "[\\u0009\\u000A\\u000D\\u0020-\\u007E\\u00A1-\\u00FF]+",
"type": "string"
},
+ "OpenSearchServerlessEntityId": {
+ "description": "Custom entity id attribute to override default entity id for this saml integration",
+ "maxLength": 1024,
+ "minLength": 1,
+ "pattern": "^aws:opensearch:[0-9]{12}:*",
+ "type": "string"
+ },
"SessionTimeout": {
"description": "Defines the session timeout in minutes",
"type": "integer"
@@ -48,7 +102,8 @@
"SecurityConfigType": {
"description": "Config type for security config",
"enum": [
- "saml"
+ "saml",
+ "iamidentitycenter"
],
"type": "string"
}
@@ -57,12 +112,21 @@
"handlers": {
"create": {
"permissions": [
- "aoss:CreateSecurityConfig"
+ "aoss:CreateSecurityConfig",
+ "sso:CreateApplication",
+ "sso:ListApplications",
+ "sso:DeleteApplication",
+ "sso:PutApplicationAssignmentConfiguration",
+ "sso:PutApplicationAuthenticationMethod",
+ "sso:PutApplicationGrant"
]
},
"delete": {
"permissions": [
- "aoss:DeleteSecurityConfig"
+ "aoss:DeleteSecurityConfig",
+ "sso:ListApplicationAssignments",
+ "sso:DeleteApplicationAssignment",
+ "sso:DeleteApplication"
]
},
"list": {
@@ -102,6 +166,9 @@
"minLength": 1,
"type": "string"
},
+ "IamIdentityCenterOptions": {
+ "$ref": "#/definitions/IamIdentityCenterConfigOptions"
+ },
"Id": {
"description": "The identifier of the security config",
"maxLength": 100,
@@ -123,7 +190,10 @@
}
},
"readOnlyProperties": [
- "/properties/Id"
+ "/properties/Id",
+ "/properties/IamIdentityCenterOptions/ApplicationArn",
+ "/properties/IamIdentityCenterOptions/ApplicationName",
+ "/properties/IamIdentityCenterOptions/ApplicationDescription"
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-opensearchserverless",
"tagging": {
diff --git a/schema/aws-opensearchservice-application.json b/schema/aws-opensearchservice-application.json
new file mode 100644
index 0000000..f5cb30e
--- /dev/null
+++ b/schema/aws-opensearchservice-application.json
@@ -0,0 +1,210 @@
+{
+ "additionalIdentifiers": [
+ [
+ "/properties/Arn"
+ ]
+ ],
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/Name"
+ ],
+ "definitions": {
+ "AppConfig": {
+ "additionalProperties": false,
+ "description": "A key-value pair of AppConfig",
+ "properties": {
+ "Key": {
+ "$ref": "#/definitions/AppConfigType",
+ "description": "The configuration key"
+ },
+ "Value": {
+ "description": "The configuration value.",
+ "maxLength": 256,
+ "minLength": 0,
+ "type": "string"
+ }
+ },
+ "required": [
+ "Key",
+ "Value"
+ ],
+ "type": "object"
+ },
+ "AppConfigType": {
+ "description": "AppConfig type values.",
+ "enum": [
+ "opensearchDashboards.dashboardAdmin.users",
+ "opensearchDashboards.dashboardAdmin.groups"
+ ],
+ "type": "string"
+ },
+ "DataSource": {
+ "additionalProperties": false,
+ "description": "Datasource arn and description",
+ "properties": {
+ "DataSourceArn": {
+ "$ref": "#/properties/Arn",
+ "description": "The ARN of the data source."
+ },
+ "DataSourceDescription": {
+ "description": "Description of the data source.",
+ "type": "string"
+ }
+ },
+ "required": [
+ "DataSourceArn"
+ ],
+ "type": "object"
+ },
+ "Tag": {
+ "additionalProperties": false,
+ "description": "A key-value pair metadata associated with resource",
+ "properties": {
+ "Key": {
+ "description": "The key in the key-value pair",
+ "maxLength": 128,
+ "minLength": 1,
+ "type": "string"
+ },
+ "Value": {
+ "description": "The value in the key-value pair",
+ "maxLength": 256,
+ "minLength": 0,
+ "type": "string"
+ }
+ },
+ "required": [
+ "Key",
+ "Value"
+ ],
+ "type": "object"
+ }
+ },
+ "description": "Amazon OpenSearchService application resource",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "es:CreateApplication",
+ "es:GetApplication",
+ "es:AddTags",
+ "es:ListTags",
+ "iam:CreateServiceLinkedRole"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "es:GetApplication",
+ "es:DeleteApplication"
+ ]
+ },
+ "list": {
+ "permissions": [
+ "es:ListApplications"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "es:GetApplication",
+ "es:ListTags"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "es:UpdateApplication",
+ "es:GetApplication",
+ "es:AddTags",
+ "es:RemoveTags",
+ "es:ListTags"
+ ]
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/Name"
+ ],
+ "properties": {
+ "AppConfigs": {
+ "description": "List of application configurations.",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/AppConfig"
+ },
+ "type": "array"
+ },
+ "Arn": {
+ "description": "Amazon Resource Name (ARN) format.",
+ "type": "string"
+ },
+ "DataSources": {
+ "description": "List of data sources.",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/DataSource"
+ },
+ "type": "array"
+ },
+ "Endpoint": {
+ "description": "The endpoint for the application.",
+ "type": "string"
+ },
+ "IamIdentityCenterOptions": {
+ "additionalProperties": false,
+ "description": "Options for configuring IAM Identity Center",
+ "properties": {
+ "Enabled": {
+ "description": "Whether IAM Identity Center is enabled.",
+ "type": "boolean"
+ },
+ "IamIdentityCenterInstanceArn": {
+ "$ref": "#/properties/Arn",
+ "description": "The ARN of the IAM Identity Center instance."
+ },
+ "IamRoleForIdentityCenterApplicationArn": {
+ "description": "The ARN of the IAM role for Identity Center application.",
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "Id": {
+ "description": "The identifier of the application.",
+ "maxLength": 40,
+ "minLength": 3,
+ "type": "string"
+ },
+ "Name": {
+ "description": "The name of the application.",
+ "maxLength": 40,
+ "minLength": 3,
+ "pattern": "[a-z][a-z0-9\\-]+",
+ "type": "string"
+ },
+ "Tags": {
+ "description": "An arbitrary set of tags (key-value pairs) for this application.",
+ "items": {
+ "$ref": "#/definitions/Tag"
+ },
+ "type": "array",
+ "uniqueItems": true
+ }
+ },
+ "readOnlyProperties": [
+ "/properties/Id",
+ "/properties/Arn"
+ ],
+ "required": [
+ "Name"
+ ],
+ "tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "es:AddTags",
+ "es:RemoveTags",
+ "es:ListTags"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
+ "typeName": "AWS::OpenSearchService::Application"
+}
diff --git a/schema/aws-opensearchservice-domain.json b/schema/aws-opensearchservice-domain.json
index 7d12e7f..eb7d43a 100644
--- a/schema/aws-opensearchservice-domain.json
+++ b/schema/aws-opensearchservice-domain.json
@@ -23,6 +23,9 @@
"InternalUserDatabaseEnabled": {
"type": "boolean"
},
+ "JWTOptions": {
+ "$ref": "#/definitions/JWTOptions"
+ },
"MasterUserOptions": {
"$ref": "#/definitions/MasterUserOptions"
},
@@ -56,6 +59,12 @@
"MultiAZWithStandbyEnabled": {
"type": "boolean"
},
+ "NodeOptions": {
+ "items": {
+ "$ref": "#/definitions/NodeOption"
+ },
+ "type": "array"
+ },
"WarmCount": {
"type": "integer"
},
@@ -155,6 +164,37 @@
},
"type": "object"
},
+ "IdentityCenterOptions": {
+ "additionalProperties": false,
+ "description": "Options for configuring Identity Center",
+ "properties": {
+ "EnabledAPIAccess": {
+ "description": "Whether Identity Center is enabled.",
+ "type": "boolean"
+ },
+ "IdentityCenterApplicationARN": {
+ "description": "The ARN of the Identity Center application.",
+ "type": "string"
+ },
+ "IdentityCenterInstanceARN": {
+ "description": "The ARN of the Identity Center instance.",
+ "type": "string"
+ },
+ "IdentityStoreId": {
+ "description": "The IdentityStoreId for Identity Center options.",
+ "type": "string"
+ },
+ "RolesKey": {
+ "$ref": "#/definitions/RolesKeyIdcType",
+ "description": "The roles key for Identity Center options."
+ },
+ "SubjectKey": {
+ "$ref": "#/definitions/SubjectKeyIdcType",
+ "description": "The subject key for Identity Center options."
+ }
+ },
+ "type": "object"
+ },
"Idp": {
"additionalProperties": false,
"properties": {
@@ -173,6 +213,24 @@
],
"type": "object"
},
+ "JWTOptions": {
+ "additionalProperties": false,
+ "properties": {
+ "Enabled": {
+ "type": "boolean"
+ },
+ "PublicKey": {
+ "type": "string"
+ },
+ "RolesKey": {
+ "type": "string"
+ },
+ "SubjectKey": {
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
"LogPublishingOption": {
"additionalProperties": false,
"properties": {
@@ -200,6 +258,36 @@
},
"type": "object"
},
+ "NodeConfig": {
+ "additionalProperties": false,
+ "properties": {
+ "Count": {
+ "type": "integer"
+ },
+ "Enabled": {
+ "type": "boolean"
+ },
+ "Type": {
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "NodeOption": {
+ "additionalProperties": false,
+ "properties": {
+ "NodeConfig": {
+ "$ref": "#/definitions/NodeConfig"
+ },
+ "NodeType": {
+ "enum": [
+ "coordinator"
+ ],
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
"NodeToNodeEncryptionOptions": {
"additionalProperties": false,
"properties": {
@@ -230,6 +318,14 @@
},
"type": "object"
},
+ "RolesKeyIdcType": {
+ "description": "Roles Key Idc type values.",
+ "enum": [
+ "GroupName",
+ "GroupId"
+ ],
+ "type": "string"
+ },
"SAMLOptions": {
"additionalProperties": false,
"properties": {
@@ -305,6 +401,15 @@
},
"type": "object"
},
+ "SubjectKeyIdcType": {
+ "description": "Subject Key Idc type values.",
+ "enum": [
+ "UserName",
+ "UserId",
+ "Email"
+ ],
+ "type": "string"
+ },
"Tag": {
"additionalProperties": false,
"properties": {
@@ -479,6 +584,9 @@
"Id": {
"type": "string"
},
+ "IdentityCenterOptions": {
+ "$ref": "#/definitions/IdentityCenterOptions"
+ },
"LogPublishingOptions": {
"additionalProperties": false,
"patternProperties": {
@@ -497,6 +605,9 @@
"ServiceSoftwareOptions": {
"$ref": "#/definitions/ServiceSoftwareOptions"
},
+ "SkipShardMigrationWait": {
+ "type": "boolean"
+ },
"SnapshotOptions": {
"$ref": "#/definitions/SnapshotOptions"
},
@@ -523,13 +634,16 @@
"/properties/DomainEndpointV2",
"/properties/DomainEndpoints",
"/properties/ServiceSoftwareOptions",
- "/properties/AdvancedSecurityOptions/AnonymousAuthDisableDate"
+ "/properties/AdvancedSecurityOptions/AnonymousAuthDisableDate",
+ "/properties/IdentityCenterOptions/IdentityCenterApplicationARN",
+ "/properties/IdentityCenterOptions/IdentityStoreId"
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git",
"typeName": "AWS::OpenSearchService::Domain",
"writeOnlyProperties": [
"/properties/AdvancedSecurityOptions/MasterUserOptions",
"/properties/AdvancedSecurityOptions/SAMLOptions/MasterUserName",
- "/properties/AdvancedSecurityOptions/SAMLOptions/MasterBackendRole"
+ "/properties/AdvancedSecurityOptions/SAMLOptions/MasterBackendRole",
+ "/properties/AdvancedSecurityOptions/JWTOptions/PublicKey"
]
}
diff --git a/schema/aws-organizations-account.json b/schema/aws-organizations-account.json
index e079ed8..497e616 100644
--- a/schema/aws-organizations-account.json
+++ b/schema/aws-organizations-account.json
@@ -34,6 +34,7 @@
"organizations:CreateAccount",
"organizations:DescribeCreateAccountStatus",
"organizations:MoveAccount",
+ "organizations:ListAccounts",
"organizations:ListParents",
"organizations:TagResource",
"organizations:DescribeAccount",
@@ -161,6 +162,11 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-organizations",
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "organizations:TagResource",
+ "organizations:UntagResource",
+ "organizations:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-organizations-organizationalunit.json b/schema/aws-organizations-organizationalunit.json
index b8d9156..1acd386 100644
--- a/schema/aws-organizations-organizationalunit.json
+++ b/schema/aws-organizations-organizationalunit.json
@@ -35,6 +35,7 @@
"organizations:CreateOrganizationalUnit",
"organizations:DescribeOrganizationalUnit",
"organizations:ListParents",
+ "organizations:ListOrganizationalUnitsForParent",
"organizations:ListTagsForResource",
"organizations:TagResource"
]
@@ -126,6 +127,11 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-organizations",
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "organizations:TagResource",
+ "organizations:UntagResource",
+ "organizations:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-organizations-policy.json b/schema/aws-organizations-policy.json
index ab8ae57..c4b79f5 100644
--- a/schema/aws-organizations-policy.json
+++ b/schema/aws-organizations-policy.json
@@ -37,6 +37,7 @@
"organizations:CreatePolicy",
"organizations:DescribePolicy",
"organizations:AttachPolicy",
+ "organizations:ListPolicies",
"organizations:ListTagsForResource",
"organizations:ListTargetsForPolicy",
"organizations:TagResource"
@@ -145,12 +146,15 @@
"uniqueItems": true
},
"Type": {
- "description": "The type of policy to create. You can specify one of the following values: AISERVICES_OPT_OUT_POLICY, BACKUP_POLICY, SERVICE_CONTROL_POLICY, TAG_POLICY",
+ "description": "The type of policy to create. You can specify one of the following values: AISERVICES_OPT_OUT_POLICY, BACKUP_POLICY, SERVICE_CONTROL_POLICY, TAG_POLICY, CHATBOT_POLICY, RESOURCE_CONTROL_POLICY,DECLARATIVE_POLICY_EC2",
"enum": [
"SERVICE_CONTROL_POLICY",
"AISERVICES_OPT_OUT_POLICY",
"BACKUP_POLICY",
- "TAG_POLICY"
+ "TAG_POLICY",
+ "CHATBOT_POLICY",
+ "RESOURCE_CONTROL_POLICY",
+ "DECLARATIVE_POLICY_EC2"
],
"type": "string"
}
@@ -168,6 +172,11 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-organizations",
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "organizations:TagResource",
+ "organizations:UntagResource",
+ "organizations:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-organizations-resourcepolicy.json b/schema/aws-organizations-resourcepolicy.json
index 3cba273..889397c 100644
--- a/schema/aws-organizations-resourcepolicy.json
+++ b/schema/aws-organizations-resourcepolicy.json
@@ -106,6 +106,11 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-organizations",
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "organizations:TagResource",
+ "organizations:UntagResource",
+ "organizations:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-osis-pipeline.json b/schema/aws-osis-pipeline.json
index 2281d7e..b70b97e 100644
--- a/schema/aws-osis-pipeline.json
+++ b/schema/aws-osis-pipeline.json
@@ -126,6 +126,26 @@
},
"type": "array"
},
+ "VpcAttachmentOptions": {
+ "additionalProperties": false,
+ "description": "Options for attaching a VPC to the pipeline.",
+ "properties": {
+ "AttachToVpc": {
+ "description": "Whether the pipeline should be attached to the provided VPC",
+ "type": "boolean"
+ },
+ "CidrBlock": {
+ "description": "The CIDR block to be reserved for OpenSearch Ingestion to create elastic network interfaces (ENIs).",
+ "pattern": "^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)/(3[0-2]|[12]?[0-9])$",
+ "type": "string"
+ }
+ },
+ "required": [
+ "AttachToVpc",
+ "CidrBlock"
+ ],
+ "type": "object"
+ },
"VpcEndpointManagement": {
"description": "Defines whether you or Amazon OpenSearch Ingestion service create and manage the VPC endpoint configured for the pipeline.",
"enum": [
diff --git a/schema/aws-panorama-applicationinstance.json b/schema/aws-panorama-applicationinstance.json
index 77ad5f7..baa5a0c 100644
--- a/schema/aws-panorama-applicationinstance.json
+++ b/schema/aws-panorama-applicationinstance.json
@@ -75,9 +75,11 @@
},
"ManifestOverridesPayload": {
"additionalProperties": false,
+ "description": "Parameter overrides for an application instance. This is a JSON document that has a single key (``PayloadData``) where the value is an escaped string representation of the overrides document.",
"properties": {
"PayloadData": {
- "$ref": "#/definitions/ManifestOverridesPayloadData"
+ "$ref": "#/definitions/ManifestOverridesPayloadData",
+ "description": "The overrides document."
}
},
"type": "object"
@@ -90,9 +92,11 @@
},
"ManifestPayload": {
"additionalProperties": false,
+ "description": "A application verion's manifest file. This is a JSON document that has a single key (``PayloadData``) where the value is an escaped string representation of the application manifest (``graph.json``). This file is located in the ``graphs`` folder in your application source.",
"properties": {
"PayloadData": {
- "$ref": "#/definitions/ManifestPayloadData"
+ "$ref": "#/definitions/ManifestPayloadData",
+ "description": "The application manifest."
}
},
"type": "object"
@@ -128,16 +132,17 @@
},
"Tag": {
"additionalProperties": false,
+ "description": "",
"properties": {
"Key": {
- "description": "A string used to identify this tag",
+ "description": "",
"maxLength": 128,
"minLength": 1,
"pattern": "^.+$",
"type": "string"
},
"Value": {
- "description": "A string containing the value for the tag",
+ "description": "",
"maxLength": 256,
"minLength": 0,
"pattern": "^.+$",
@@ -163,7 +168,7 @@
"type": "integer"
}
},
- "description": "Schema for ApplicationInstance CloudFormation Resource",
+ "description": "Creates an application instance and deploys it to a device.",
"handlers": {
"create": {
"permissions": [
@@ -228,52 +233,68 @@
],
"properties": {
"ApplicationInstanceId": {
- "$ref": "#/definitions/ApplicationInstanceId"
+ "$ref": "#/definitions/ApplicationInstanceId",
+ "description": ""
},
"ApplicationInstanceIdToReplace": {
- "$ref": "#/definitions/ApplicationInstanceId"
+ "$ref": "#/definitions/ApplicationInstanceId",
+ "description": "The ID of an application instance to replace with the new instance."
},
"Arn": {
- "$ref": "#/definitions/ApplicationInstanceArn"
+ "$ref": "#/definitions/ApplicationInstanceArn",
+ "description": ""
},
"CreatedTime": {
- "$ref": "#/definitions/Timestamp"
+ "$ref": "#/definitions/Timestamp",
+ "description": ""
},
"DefaultRuntimeContextDevice": {
- "$ref": "#/definitions/DefaultRuntimeContextDevice"
+ "$ref": "#/definitions/DefaultRuntimeContextDevice",
+ "description": "The device's ID."
},
"DefaultRuntimeContextDeviceName": {
- "$ref": "#/definitions/DeviceName"
+ "$ref": "#/definitions/DeviceName",
+ "description": ""
},
"Description": {
- "$ref": "#/definitions/Description"
+ "$ref": "#/definitions/Description",
+ "description": "A description for the application instance."
},
"HealthStatus": {
- "$ref": "#/definitions/ApplicationInstanceHealthStatus"
+ "$ref": "#/definitions/ApplicationInstanceHealthStatus",
+ "description": ""
},
"LastUpdatedTime": {
- "$ref": "#/definitions/Timestamp"
+ "$ref": "#/definitions/Timestamp",
+ "description": ""
},
"ManifestOverridesPayload": {
- "$ref": "#/definitions/ManifestOverridesPayload"
+ "$ref": "#/definitions/ManifestOverridesPayload",
+ "description": "Setting overrides for the application manifest."
},
"ManifestPayload": {
- "$ref": "#/definitions/ManifestPayload"
+ "$ref": "#/definitions/ManifestPayload",
+ "description": "The application's manifest document."
},
"Name": {
- "$ref": "#/definitions/Name"
+ "$ref": "#/definitions/Name",
+ "description": "A name for the application instance."
},
"RuntimeRoleArn": {
- "$ref": "#/definitions/RuntimeRoleArn"
+ "$ref": "#/definitions/RuntimeRoleArn",
+ "description": "The ARN of a runtime role for the application instance."
},
"Status": {
- "$ref": "#/definitions/ApplicationInstanceStatus"
+ "$ref": "#/definitions/ApplicationInstanceStatus",
+ "description": ""
},
"StatusDescription": {
- "$ref": "#/definitions/ApplicationInstanceStatusDescription"
+ "$ref": "#/definitions/ApplicationInstanceStatusDescription",
+ "description": ""
},
"Tags": {
- "$ref": "#/definitions/TagList"
+ "$ref": "#/definitions/TagList",
+ "description": "Tags for the application instance."
}
},
"readOnlyProperties": [
@@ -291,7 +312,18 @@
"DefaultRuntimeContextDevice"
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git",
- "taggable": true,
+ "tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "panorama:ListTagsForResource",
+ "panorama:TagResource",
+ "panorama:UntagResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
"typeName": "AWS::Panorama::ApplicationInstance",
"writeOnlyProperties": [
"/properties/ApplicationInstanceIdToReplace"
diff --git a/schema/aws-panorama-package.json b/schema/aws-panorama-package.json
index 76a2d8a..12387b8 100644
--- a/schema/aws-panorama-package.json
+++ b/schema/aws-panorama-package.json
@@ -23,20 +23,26 @@
},
"StorageLocation": {
"additionalProperties": false,
+ "description": "A storage location.",
"properties": {
"BinaryPrefixLocation": {
+ "description": "The location's binary prefix.",
"type": "string"
},
"Bucket": {
+ "description": "The location's bucket.",
"type": "string"
},
"GeneratedPrefixLocation": {
+ "description": "The location's generated prefix.",
"type": "string"
},
"ManifestPrefixLocation": {
+ "description": "The location's manifest prefix.",
"type": "string"
},
"RepoPrefixLocation": {
+ "description": "The location's repo prefix.",
"type": "string"
}
},
@@ -44,14 +50,17 @@
},
"Tag": {
"additionalProperties": false,
+ "description": "",
"properties": {
"Key": {
+ "description": "",
"maxLength": 128,
"minLength": 1,
"pattern": "^.+$",
"type": "string"
},
"Value": {
+ "description": "",
"maxLength": 256,
"minLength": 0,
"pattern": "^.+$",
@@ -76,7 +85,7 @@
"type": "integer"
}
},
- "description": "Schema for Package CloudFormation Resource",
+ "description": "Creates a package and storage location in an Amazon S3 access point.",
"handlers": {
"create": {
"permissions": [
@@ -139,22 +148,28 @@
],
"properties": {
"Arn": {
- "$ref": "#/definitions/NodePackageArn"
+ "$ref": "#/definitions/NodePackageArn",
+ "description": ""
},
"CreatedTime": {
- "$ref": "#/definitions/Timestamp"
+ "$ref": "#/definitions/Timestamp",
+ "description": ""
},
"PackageId": {
- "$ref": "#/definitions/NodePackageId"
+ "$ref": "#/definitions/NodePackageId",
+ "description": ""
},
"PackageName": {
- "$ref": "#/definitions/NodePackageName"
+ "$ref": "#/definitions/NodePackageName",
+ "description": "A name for the package."
},
"StorageLocation": {
- "$ref": "#/definitions/StorageLocation"
+ "$ref": "#/definitions/StorageLocation",
+ "description": "A storage location."
},
"Tags": {
- "$ref": "#/definitions/TagList"
+ "$ref": "#/definitions/TagList",
+ "description": "Tags for the package."
}
},
"readOnlyProperties": [
@@ -171,6 +186,17 @@
"PackageName"
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git",
- "taggable": true,
+ "tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "panorama:ListTagsForResource",
+ "panorama:TagResource",
+ "panorama:UntagResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
"typeName": "AWS::Panorama::Package"
}
diff --git a/schema/aws-panorama-packageversion.json b/schema/aws-panorama-packageversion.json
index 9c7db69..47bc8ca 100644
--- a/schema/aws-panorama-packageversion.json
+++ b/schema/aws-panorama-packageversion.json
@@ -60,7 +60,7 @@
"type": "integer"
}
},
- "description": "Schema for PackageVersion Resource Type",
+ "description": "Registers a package version.",
"handlers": {
"create": {
"permissions": [
@@ -110,40 +110,52 @@
],
"properties": {
"IsLatestPatch": {
+ "description": "",
"type": "boolean"
},
"MarkLatest": {
+ "description": "Whether to mark the new version as the latest version.",
"type": "boolean"
},
"OwnerAccount": {
- "$ref": "#/definitions/PackageOwnerAccount"
+ "$ref": "#/definitions/PackageOwnerAccount",
+ "description": "An owner account."
},
"PackageArn": {
- "$ref": "#/definitions/NodePackageArn"
+ "$ref": "#/definitions/NodePackageArn",
+ "description": ""
},
"PackageId": {
- "$ref": "#/definitions/NodePackageId"
+ "$ref": "#/definitions/NodePackageId",
+ "description": "A package ID."
},
"PackageName": {
- "$ref": "#/definitions/NodePackageName"
+ "$ref": "#/definitions/NodePackageName",
+ "description": ""
},
"PackageVersion": {
- "$ref": "#/definitions/NodePackageVersion"
+ "$ref": "#/definitions/NodePackageVersion",
+ "description": "A package version."
},
"PatchVersion": {
- "$ref": "#/definitions/NodePackagePatchVersion"
+ "$ref": "#/definitions/NodePackagePatchVersion",
+ "description": "A patch version."
},
"RegisteredTime": {
- "$ref": "#/definitions/TimeStamp"
+ "$ref": "#/definitions/TimeStamp",
+ "description": ""
},
"Status": {
- "$ref": "#/definitions/PackageVersionStatus"
+ "$ref": "#/definitions/PackageVersionStatus",
+ "description": ""
},
"StatusDescription": {
- "$ref": "#/definitions/PackageVersionStatusDescription"
+ "$ref": "#/definitions/PackageVersionStatusDescription",
+ "description": ""
},
"UpdatedLatestPatchVersion": {
- "$ref": "#/definitions/NodePackagePatchVersion"
+ "$ref": "#/definitions/NodePackagePatchVersion",
+ "description": "If the version was marked latest, the new version to maker as latest."
}
},
"readOnlyProperties": [
@@ -160,7 +172,6 @@
"PatchVersion"
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-panorama.git",
- "taggable": false,
"typeName": "AWS::Panorama::PackageVersion",
"writeOnlyProperties": [
"/properties/UpdatedLatestPatchVersion"
diff --git a/schema/aws-paymentcryptography-key.json b/schema/aws-paymentcryptography-key.json
index c7bc660..82a9158 100644
--- a/schema/aws-paymentcryptography-key.json
+++ b/schema/aws-paymentcryptography-key.json
@@ -1,6 +1,30 @@
{
"additionalProperties": false,
"definitions": {
+ "DeriveKeyUsage": {
+ "enum": [
+ "TR31_B0_BASE_DERIVATION_KEY",
+ "TR31_C0_CARD_VERIFICATION_KEY",
+ "TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY",
+ "TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS",
+ "TR31_E1_EMV_MKEY_CONFIDENTIALITY",
+ "TR31_E2_EMV_MKEY_INTEGRITY",
+ "TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS",
+ "TR31_E5_EMV_MKEY_CARD_PERSONALIZATION",
+ "TR31_E6_EMV_MKEY_OTHER",
+ "TR31_K0_KEY_ENCRYPTION_KEY",
+ "TR31_K1_KEY_BLOCK_PROTECTION_KEY",
+ "TR31_M3_ISO_9797_3_MAC_KEY",
+ "TR31_M1_ISO_9797_1_MAC_KEY",
+ "TR31_M6_ISO_9797_5_CMAC_KEY",
+ "TR31_M7_HMAC_KEY",
+ "TR31_P0_PIN_ENCRYPTION_KEY",
+ "TR31_P1_PIN_GENERATION_KEY",
+ "TR31_V1_IBM3624_PIN_VERIFICATION_KEY",
+ "TR31_V2_VISA_PIN_VERIFICATION_KEY"
+ ],
+ "type": "string"
+ },
"KeyAlgorithm": {
"enum": [
"TDES_2KEY",
@@ -8,9 +32,16 @@
"AES_128",
"AES_192",
"AES_256",
+ "HMAC_SHA256",
+ "HMAC_SHA384",
+ "HMAC_SHA512",
+ "HMAC_SHA224",
"RSA_2048",
"RSA_3072",
- "RSA_4096"
+ "RSA_4096",
+ "ECC_NIST_P256",
+ "ECC_NIST_P384",
+ "ECC_NIST_P521"
],
"type": "string"
},
@@ -41,7 +72,8 @@
"KeyCheckValueAlgorithm": {
"enum": [
"CMAC",
- "ANSI_X9_24"
+ "ANSI_X9_24",
+ "HMAC"
],
"type": "string"
},
@@ -152,12 +184,13 @@
},
"Value": {
"maxLength": 256,
- "minLength": 0,
+ "minLength": 1,
"type": "string"
}
},
"required": [
- "Key"
+ "Key",
+ "Value"
],
"type": "object"
}
@@ -203,6 +236,9 @@
"/properties/KeyIdentifier"
],
"properties": {
+ "DeriveKeyUsage": {
+ "$ref": "#/definitions/DeriveKeyUsage"
+ },
"Enabled": {
"type": "boolean"
},
@@ -248,6 +284,11 @@
],
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "payment-cryptography:ListTagsForResource",
+ "payment-cryptography:TagResource",
+ "payment-cryptography:UntagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-pcaconnectorad-connector.json b/schema/aws-pcaconnectorad-connector.json
index 44a27b2..125afed 100644
--- a/schema/aws-pcaconnectorad-connector.json
+++ b/schema/aws-pcaconnectorad-connector.json
@@ -15,9 +15,20 @@
},
"type": "object"
},
+ "Unit": {
+ "additionalProperties": false,
+ "type": "object"
+ },
"VpcInformation": {
"additionalProperties": false,
"properties": {
+ "IpAddressType": {
+ "enum": [
+ "IPV4",
+ "DUALSTACK"
+ ],
+ "type": "string"
+ },
"SecurityGroupIds": {
"items": {
"maxLength": 20,
@@ -37,7 +48,7 @@
"type": "object"
}
},
- "description": "Definition of AWS::PCAConnectorAD::Connector Resource Type",
+ "description": "Represents a Connector that connects AWS PrivateCA and your directory",
"handlers": {
"create": {
"permissions": [
@@ -50,15 +61,17 @@
"ec2:CreateVpcEndpoint",
"ec2:DescribeVpcEndpoints",
"pca-connector-ad:CreateConnector",
- "pca-connector-ad:GetConnector"
+ "pca-connector-ad:GetConnector",
+ "pca-connector-ad:TagResource"
]
},
"delete": {
"permissions": [
+ "ec2:DeleteVpcEndpoints",
+ "ec2:DescribeVpcEndpoints",
"pca-connector-ad:GetConnector",
"pca-connector-ad:DeleteConnector",
- "ec2:DeleteVpcEndpoints",
- "ec2:DescribeVpcEndpoints"
+ "pca-connector-ad:UntagResource"
]
},
"list": {
@@ -87,13 +100,13 @@
"CertificateAuthorityArn": {
"maxLength": 200,
"minLength": 5,
- "pattern": "^arn:[\\w-]+:acm-pca:[\\w-]+:[0-9]+:certificate-authority(\\/[\\w-]+)$",
+ "pattern": "^arn:[\\w-]+:acm-pca:[\\w-]+:[0-9]+:certificate-authority\\/[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$",
"type": "string"
},
"ConnectorArn": {
"maxLength": 200,
"minLength": 5,
- "pattern": "^arn:[\\w-]+:pca-connector-ad:[\\w-]+:[0-9]+:connector(\\/[\\w-]+)$",
+ "pattern": "^arn:[\\w-]+:pca-connector-ad:[\\w-]+:[0-9]+:connector\\/[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$",
"type": "string"
},
"DirectoryId": {
@@ -117,16 +130,15 @@
],
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "pca-connector-ad:ListTagsForResource",
+ "pca-connector-ad:TagResource",
+ "pca-connector-ad:UntagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
"taggable": true
},
- "typeName": "AWS::PCAConnectorAD::Connector",
- "writeOnlyProperties": [
- "/properties/CertificateAuthorityArn",
- "/properties/DirectoryId",
- "/properties/Tags",
- "/properties/VpcInformation"
- ]
+ "typeName": "AWS::PCAConnectorAD::Connector"
}
diff --git a/schema/aws-pcaconnectorad-directoryregistration.json b/schema/aws-pcaconnectorad-directoryregistration.json
index 6161b48..a477c41 100644
--- a/schema/aws-pcaconnectorad-directoryregistration.json
+++ b/schema/aws-pcaconnectorad-directoryregistration.json
@@ -18,19 +18,21 @@
"handlers": {
"create": {
"permissions": [
+ "ds:AuthorizeApplication",
+ "ds:DescribeDirectories",
"pca-connector-ad:GetDirectoryRegistration",
"pca-connector-ad:CreateDirectoryRegistration",
- "ds:AuthorizeApplication",
- "ds:DescribeDirectories"
+ "pca-connector-ad:TagResource"
]
},
"delete": {
"permissions": [
- "pca-connector-ad:GetDirectoryRegistration",
- "pca-connector-ad:DeleteDirectoryRegistration",
"ds:DescribeDirectories",
"ds:UnauthorizeApplication",
- "ds:UpdateAuthorizedApplication"
+ "ds:UpdateAuthorizedApplication",
+ "pca-connector-ad:GetDirectoryRegistration",
+ "pca-connector-ad:DeleteDirectoryRegistration",
+ "pca-connector-ad:UntagResource"
]
},
"list": {
@@ -40,8 +42,8 @@
},
"read": {
"permissions": [
- "pca-connector-ad:ListTagsForResource",
- "pca-connector-ad:GetDirectoryRegistration"
+ "pca-connector-ad:GetDirectoryRegistration",
+ "pca-connector-ad:ListTagsForResource"
]
},
"update": {
@@ -78,14 +80,15 @@
],
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "pca-connector-ad:ListTagsForResource",
+ "pca-connector-ad:TagResource",
+ "pca-connector-ad:UntagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
"taggable": true
},
- "typeName": "AWS::PCAConnectorAD::DirectoryRegistration",
- "writeOnlyProperties": [
- "/properties/DirectoryId",
- "/properties/Tags"
- ]
+ "typeName": "AWS::PCAConnectorAD::DirectoryRegistration"
}
diff --git a/schema/aws-pcaconnectorad-template.json b/schema/aws-pcaconnectorad-template.json
index c701a75..43b778e 100644
--- a/schema/aws-pcaconnectorad-template.json
+++ b/schema/aws-pcaconnectorad-template.json
@@ -939,13 +939,15 @@
"handlers": {
"create": {
"permissions": [
- "pca-connector-ad:CreateTemplate"
+ "pca-connector-ad:CreateTemplate",
+ "pca-connector-ad:TagResource"
]
},
"delete": {
"permissions": [
"pca-connector-ad:GetTemplate",
- "pca-connector-ad:DeleteTemplate"
+ "pca-connector-ad:DeleteTemplate",
+ "pca-connector-ad:UntagResource"
]
},
"list": {
@@ -1021,6 +1023,11 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-pcaconnectorad",
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "pca-connector-ad:ListTagsForResource",
+ "pca-connector-ad:TagResource",
+ "pca-connector-ad:UntagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
@@ -1028,10 +1035,6 @@
},
"typeName": "AWS::PCAConnectorAD::Template",
"writeOnlyProperties": [
- "/properties/ConnectorArn",
- "/properties/Definition",
- "/properties/Name",
- "/properties/ReenrollAllCertificateHolders",
- "/properties/Tags"
+ "/properties/ReenrollAllCertificateHolders"
]
}
diff --git a/schema/aws-pcaconnectorscep-challenge.json b/schema/aws-pcaconnectorscep-challenge.json
new file mode 100644
index 0000000..10633c6
--- /dev/null
+++ b/schema/aws-pcaconnectorscep-challenge.json
@@ -0,0 +1,105 @@
+{
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/ConnectorArn"
+ ],
+ "definitions": {
+ "Tags": {
+ "additionalProperties": false,
+ "patternProperties": {
+ ".+": {
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "Unit": {
+ "additionalProperties": false,
+ "type": "object"
+ }
+ },
+ "description": "Represents a SCEP Challenge that is used for certificate enrollment",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "pca-connector-scep:CreateChallenge",
+ "pca-connector-scep:TagResource"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "pca-connector-scep:GetChallengeMetadata",
+ "pca-connector-scep:DeleteChallenge",
+ "pca-connector-scep:UntagResource"
+ ]
+ },
+ "list": {
+ "handlerSchema": {
+ "properties": {
+ "ConnectorArn": {
+ "$ref": "resource-schema.json#/properties/ConnectorArn"
+ }
+ },
+ "required": [
+ "ConnectorArn"
+ ]
+ },
+ "permissions": [
+ "pca-connector-scep:ListChallengeMetadata"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "pca-connector-scep:ListTagsForResource",
+ "pca-connector-scep:GetChallengeMetadata"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "pca-connector-scep:ListTagsForResource",
+ "pca-connector-scep:TagResource",
+ "pca-connector-scep:UntagResource"
+ ]
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/ChallengeArn"
+ ],
+ "properties": {
+ "ChallengeArn": {
+ "maxLength": 200,
+ "minLength": 5,
+ "pattern": "^arn:aws(-[a-z]+)*:pca-connector-scep:[a-z]+(-[a-z]+)+-[1-9]\\d*:\\d{12}:connector\\/[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}\\/challenge\\/[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$",
+ "type": "string"
+ },
+ "ConnectorArn": {
+ "maxLength": 200,
+ "minLength": 5,
+ "pattern": "^arn:aws(-[a-z]+)*:pca-connector-scep:[a-z]+(-[a-z]+)+-[1-9]\\d*:\\d{12}:connector\\/[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$",
+ "type": "string"
+ },
+ "Tags": {
+ "$ref": "#/definitions/Tags"
+ }
+ },
+ "readOnlyProperties": [
+ "/properties/ChallengeArn"
+ ],
+ "required": [
+ "ConnectorArn"
+ ],
+ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-pcaconnectorscep",
+ "tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "pca-connector-scep:ListTagsForResource",
+ "pca-connector-scep:TagResource",
+ "pca-connector-scep:UntagResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
+ "typeName": "AWS::PCAConnectorSCEP::Challenge"
+}
diff --git a/schema/aws-pcaconnectorscep-connector.json b/schema/aws-pcaconnectorscep-connector.json
new file mode 100644
index 0000000..75dbfb2
--- /dev/null
+++ b/schema/aws-pcaconnectorscep-connector.json
@@ -0,0 +1,183 @@
+{
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/CertificateAuthorityArn",
+ "/properties/MobileDeviceManagement"
+ ],
+ "definitions": {
+ "ConnectorType": {
+ "enum": [
+ "GENERAL_PURPOSE",
+ "INTUNE"
+ ],
+ "type": "string"
+ },
+ "IntuneConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "AzureApplicationId": {
+ "maxLength": 100,
+ "minLength": 15,
+ "pattern": "^[a-zA-Z0-9]{2,15}-[a-zA-Z0-9]{2,15}-[a-zA-Z0-9]{2,15}-[a-zA-Z0-9]{2,15}-[a-zA-Z0-9]{2,15}$",
+ "type": "string"
+ },
+ "Domain": {
+ "maxLength": 256,
+ "minLength": 1,
+ "pattern": "^[a-zA-Z0-9._-]+$",
+ "type": "string"
+ }
+ },
+ "required": [
+ "AzureApplicationId",
+ "Domain"
+ ],
+ "type": "object"
+ },
+ "MobileDeviceManagement": {
+ "oneOf": [
+ {
+ "additionalProperties": false,
+ "properties": {
+ "Intune": {
+ "$ref": "#/definitions/IntuneConfiguration"
+ }
+ },
+ "required": [
+ "Intune"
+ ],
+ "title": "Intune"
+ }
+ ],
+ "type": "object"
+ },
+ "OpenIdConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "Audience": {
+ "type": "string"
+ },
+ "Issuer": {
+ "type": "string"
+ },
+ "Subject": {
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "Tags": {
+ "additionalProperties": false,
+ "patternProperties": {
+ ".+": {
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "Unit": {
+ "additionalProperties": false,
+ "type": "object"
+ }
+ },
+ "description": "Represents a Connector that allows certificate issuance through Simple Certificate Enrollment Protocol (SCEP)",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "acm-pca:DescribeCertificateAuthority",
+ "acm-pca:GetCertificate",
+ "acm-pca:GetCertificateAuthorityCertificate",
+ "acm-pca:IssueCertificate",
+ "pca-connector-scep:GetConnector",
+ "pca-connector-scep:CreateConnector",
+ "pca-connector-scep:TagResource"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "acm-pca:DescribeCertificateAuthority",
+ "acm-pca:GetCertificate",
+ "acm-pca:GetCertificateAuthorityCertificate",
+ "acm-pca:IssueCertificate",
+ "pca-connector-scep:GetConnector",
+ "pca-connector-scep:DeleteConnector",
+ "pca-connector-scep:UntagResource"
+ ]
+ },
+ "list": {
+ "permissions": [
+ "pca-connector-scep:ListConnectors"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "pca-connector-scep:ListTagsForResource",
+ "pca-connector-scep:GetConnector"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "pca-connector-scep:ListTagsForResource",
+ "pca-connector-scep:TagResource",
+ "pca-connector-scep:UntagResource"
+ ]
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/ConnectorArn"
+ ],
+ "properties": {
+ "CertificateAuthorityArn": {
+ "maxLength": 200,
+ "minLength": 5,
+ "pattern": "^arn:aws(-[a-z]+)*:acm-pca:[a-z]+(-[a-z]+)+-[1-9]\\d*:\\d{12}:certificate-authority\\/[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$",
+ "type": "string"
+ },
+ "ConnectorArn": {
+ "maxLength": 200,
+ "minLength": 5,
+ "pattern": "^arn:aws(-[a-z]+)*:pca-connector-scep:[a-z]+(-[a-z]+)+-[1-9]\\d*:\\d{12}:connector\\/[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$",
+ "type": "string"
+ },
+ "Endpoint": {
+ "maxLength": 200,
+ "minLength": 5,
+ "type": "string"
+ },
+ "MobileDeviceManagement": {
+ "$ref": "#/definitions/MobileDeviceManagement"
+ },
+ "OpenIdConfiguration": {
+ "$ref": "#/definitions/OpenIdConfiguration"
+ },
+ "Tags": {
+ "$ref": "#/definitions/Tags"
+ },
+ "Type": {
+ "$ref": "#/definitions/ConnectorType"
+ }
+ },
+ "readOnlyProperties": [
+ "/properties/ConnectorArn",
+ "/properties/Endpoint",
+ "/properties/OpenIdConfiguration",
+ "/properties/Type"
+ ],
+ "required": [
+ "CertificateAuthorityArn"
+ ],
+ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-pcaconnectorscep",
+ "tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "pca-connector-scep:ListTagsForResource",
+ "pca-connector-scep:TagResource",
+ "pca-connector-scep:UntagResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
+ "typeName": "AWS::PCAConnectorSCEP::Connector"
+}
diff --git a/schema/aws-pcs-cluster.json b/schema/aws-pcs-cluster.json
new file mode 100644
index 0000000..dc26e86
--- /dev/null
+++ b/schema/aws-pcs-cluster.json
@@ -0,0 +1,333 @@
+{
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/Name",
+ "/properties/Networking",
+ "/properties/Scheduler",
+ "/properties/Size",
+ "/properties/SlurmConfiguration"
+ ],
+ "definitions": {
+ "AuthKey": {
+ "additionalProperties": false,
+ "description": "The shared Slurm key for authentication, also known as the cluster secret.",
+ "properties": {
+ "SecretArn": {
+ "description": "The Amazon Resource Name (ARN) of the the shared Slurm key.",
+ "type": "string"
+ },
+ "SecretVersion": {
+ "description": "The version of the shared Slurm key.",
+ "type": "string"
+ }
+ },
+ "required": [
+ "SecretArn",
+ "SecretVersion"
+ ],
+ "type": "object"
+ },
+ "Endpoint": {
+ "additionalProperties": false,
+ "description": "An endpoint available for interaction with the scheduler.",
+ "properties": {
+ "Port": {
+ "description": "The endpoint's connection port number.",
+ "type": "string"
+ },
+ "PrivateIpAddress": {
+ "description": "The endpoint's private IP address.",
+ "type": "string"
+ },
+ "PublicIpAddress": {
+ "description": "The endpoint's public IP address.",
+ "type": "string"
+ },
+ "Type": {
+ "description": "Indicates the type of endpoint running at the specific IP address.",
+ "enum": [
+ "SLURMCTLD",
+ "SLURMDBD"
+ ],
+ "type": "string"
+ }
+ },
+ "required": [
+ "Port",
+ "PrivateIpAddress",
+ "Type"
+ ],
+ "type": "object"
+ },
+ "ErrorInfo": {
+ "additionalProperties": false,
+ "description": "An error that occurred during resource provisioning.",
+ "properties": {
+ "Code": {
+ "description": "The short-form error code.",
+ "type": "string"
+ },
+ "Message": {
+ "description": "The detailed error information.",
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "SecurityGroupId": {
+ "description": "A VPC security group ID.",
+ "type": "string"
+ },
+ "SlurmCustomSetting": {
+ "additionalProperties": false,
+ "description": "Additional settings that directly map to Slurm settings.",
+ "properties": {
+ "ParameterName": {
+ "description": "AWS PCS supports configuration of the following Slurm parameters for clusters: Prolog, Epilog, and SelectTypeParameters.",
+ "type": "string"
+ },
+ "ParameterValue": {
+ "description": "The value for the configured Slurm setting.",
+ "type": "string"
+ }
+ },
+ "required": [
+ "ParameterName",
+ "ParameterValue"
+ ],
+ "type": "object"
+ },
+ "SubnetId": {
+ "description": "A VPC subnet ID.",
+ "type": "string"
+ },
+ "Tag": {
+ "additionalProperties": false,
+ "description": "A key-value pair to associate with a resource.",
+ "properties": {
+ "Key": {
+ "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ",
+ "maxLength": 128,
+ "minLength": 1,
+ "type": "string"
+ },
+ "Value": {
+ "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ",
+ "maxLength": 256,
+ "minLength": 0,
+ "type": "string"
+ }
+ },
+ "required": [
+ "Key"
+ ],
+ "type": "object"
+ }
+ },
+ "description": "AWS::PCS::Cluster resource creates an AWS PCS cluster.",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "ec2:CreateNetworkInterface",
+ "ec2:DescribeVpcs",
+ "ec2:DescribeSubnets",
+ "ec2:DescribeSecurityGroups",
+ "ec2:GetSecurityGroupsForVpc",
+ "iam:CreateServiceLinkedRole",
+ "secretsmanager:CreateSecret",
+ "secretsmanager:TagResource",
+ "pcs:CreateCluster",
+ "pcs:GetCluster",
+ "pcs:ListTagsForResource",
+ "pcs:TagResource"
+ ],
+ "timeoutInMinutes": 60
+ },
+ "delete": {
+ "permissions": [
+ "pcs:DeleteCluster",
+ "pcs:GetCluster"
+ ],
+ "timeoutInMinutes": 60
+ },
+ "list": {
+ "permissions": [
+ "pcs:ListClusters"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "pcs:GetCluster",
+ "pcs:ListTagsForResource"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "pcs:GetCluster",
+ "pcs:ListTagsForResource",
+ "pcs:TagResource",
+ "pcs:UntagResource"
+ ],
+ "timeoutInMinutes": 60
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/Arn"
+ ],
+ "properties": {
+ "Arn": {
+ "description": "The unique Amazon Resource Name (ARN) of the cluster.",
+ "type": "string"
+ },
+ "Endpoints": {
+ "description": "The list of endpoints available for interaction with the scheduler.",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/Endpoint"
+ },
+ "type": "array"
+ },
+ "ErrorInfo": {
+ "description": "The list of errors that occurred during cluster provisioning.",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/ErrorInfo"
+ },
+ "type": "array"
+ },
+ "Id": {
+ "description": "The generated unique ID of the cluster.",
+ "pattern": "^(pcs_[a-zA-Z0-9]+|[A-Za-z][A-Za-z0-9-]{1,40})$",
+ "type": "string"
+ },
+ "Name": {
+ "description": "The name that identifies the cluster.",
+ "type": "string"
+ },
+ "Networking": {
+ "additionalProperties": false,
+ "description": "The networking configuration for the cluster's control plane.",
+ "properties": {
+ "SecurityGroupIds": {
+ "description": "The list of security group IDs associated with the Elastic Network Interface (ENI) created in subnets.",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/SecurityGroupId"
+ },
+ "type": "array"
+ },
+ "SubnetIds": {
+ "description": "The list of subnet IDs where AWS PCS creates an Elastic Network Interface (ENI) to enable communication between managed controllers and AWS PCS resources. The subnet must have an available IP address, cannot reside in AWS Outposts, AWS Wavelength, or an AWS Local Zone. AWS PCS currently supports only 1 subnet in this list.",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/SubnetId"
+ },
+ "type": "array"
+ }
+ },
+ "type": "object"
+ },
+ "Scheduler": {
+ "additionalProperties": false,
+ "description": "The cluster management and job scheduling software associated with the cluster.",
+ "properties": {
+ "Type": {
+ "description": "The software AWS PCS uses to manage cluster scaling and job scheduling.",
+ "enum": [
+ "SLURM"
+ ],
+ "type": "string"
+ },
+ "Version": {
+ "description": "The version of the specified scheduling software that AWS PCS uses to manage cluster scaling and job scheduling.",
+ "type": "string"
+ }
+ },
+ "required": [
+ "Type",
+ "Version"
+ ],
+ "type": "object"
+ },
+ "Size": {
+ "description": "The size of the cluster.",
+ "enum": [
+ "SMALL",
+ "MEDIUM",
+ "LARGE"
+ ],
+ "type": "string"
+ },
+ "SlurmConfiguration": {
+ "additionalProperties": false,
+ "description": "Additional options related to the Slurm scheduler.",
+ "properties": {
+ "AuthKey": {
+ "$ref": "#/definitions/AuthKey"
+ },
+ "ScaleDownIdleTimeInSeconds": {
+ "description": "The time before an idle node is scaled down.",
+ "minimum": 1,
+ "type": "integer"
+ },
+ "SlurmCustomSettings": {
+ "description": "Additional Slurm-specific configuration that directly maps to Slurm settings.",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/SlurmCustomSetting"
+ },
+ "type": "array"
+ }
+ },
+ "type": "object"
+ },
+ "Status": {
+ "description": "The provisioning status of the cluster. The provisioning status doesn't indicate the overall health of the cluster.",
+ "enum": [
+ "CREATING",
+ "ACTIVE",
+ "UPDATING",
+ "DELETING",
+ "CREATE_FAILED",
+ "DELETE_FAILED",
+ "UPDATE_FAILED"
+ ],
+ "type": "string"
+ },
+ "Tags": {
+ "additionalProperties": false,
+ "description": "1 or more tags added to the resource. Each tag consists of a tag key and tag value. The tag value is optional and can be an empty string.",
+ "patternProperties": {
+ "^.+$": {
+ "type": "string"
+ }
+ }
+ }
+ },
+ "readOnlyProperties": [
+ "/properties/Arn",
+ "/properties/Endpoints",
+ "/properties/ErrorInfo",
+ "/properties/Id",
+ "/properties/Status"
+ ],
+ "required": [
+ "Networking",
+ "Scheduler",
+ "Size"
+ ],
+ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-pcs.git",
+ "tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "pcs:TagResource",
+ "pcs:ListTagsForResource",
+ "pcs:UntagResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
+ "typeName": "AWS::PCS::Cluster"
+}
diff --git a/schema/aws-pcs-computenodegroup.json b/schema/aws-pcs-computenodegroup.json
new file mode 100644
index 0000000..4766986
--- /dev/null
+++ b/schema/aws-pcs-computenodegroup.json
@@ -0,0 +1,335 @@
+{
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/Name",
+ "/properties/ClusterId",
+ "/properties/InstanceConfigs"
+ ],
+ "definitions": {
+ "ErrorInfo": {
+ "additionalProperties": false,
+ "description": "An error that occurred during resource provisioning.",
+ "properties": {
+ "Code": {
+ "description": "The short-form error code.",
+ "type": "string"
+ },
+ "Message": {
+ "description": "The detailed error information.",
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "InstanceConfig": {
+ "additionalProperties": false,
+ "description": "An EC2 instance configuration AWS PCS uses to launch compute nodes.",
+ "properties": {
+ "InstanceType": {
+ "description": "The EC2 instance type that AWS PCS can provision in the compute node group.",
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "SlurmCustomSetting": {
+ "additionalProperties": false,
+ "description": "Additional settings that directly map to Slurm settings.",
+ "properties": {
+ "ParameterName": {
+ "description": "AWS PCS supports configuration of the following Slurm parameters for compute node groups: Weight and RealMemory.",
+ "type": "string"
+ },
+ "ParameterValue": {
+ "description": "The value for the configured Slurm setting.",
+ "type": "string"
+ }
+ },
+ "required": [
+ "ParameterName",
+ "ParameterValue"
+ ],
+ "type": "object"
+ },
+ "SubnetId": {
+ "description": "A VPC subnet ID.",
+ "type": "string"
+ }
+ },
+ "description": "AWS::PCS::ComputeNodeGroup resource creates an AWS PCS compute node group.",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "ec2:DescribeImages",
+ "ec2:DescribeVpcs",
+ "ec2:DescribeSubnets",
+ "ec2:DescribeSecurityGroups",
+ "ec2:DescribeLaunchTemplates",
+ "ec2:DescribeLaunchTemplateVersions",
+ "ec2:DescribeInstanceTypes",
+ "ec2:DescribeInstanceTypeOfferings",
+ "ec2:RunInstances",
+ "ec2:CreateFleet",
+ "ec2:CreateTags",
+ "iam:PassRole",
+ "iam:GetInstanceProfile",
+ "pcs:CreateComputeNodeGroup",
+ "pcs:GetComputeNodeGroup",
+ "pcs:ListTagsForResource",
+ "pcs:TagResource"
+ ],
+ "timeoutInMinutes": 60
+ },
+ "delete": {
+ "permissions": [
+ "ec2:DescribeImages",
+ "ec2:DescribeVpcs",
+ "ec2:DescribeSubnets",
+ "ec2:DescribeSecurityGroups",
+ "ec2:DescribeLaunchTemplates",
+ "ec2:DescribeLaunchTemplateVersions",
+ "ec2:DescribeInstanceTypes",
+ "ec2:DescribeInstanceTypeOfferings",
+ "ec2:TerminateInstances",
+ "ec2:CreateFleet",
+ "ec2:CreateTags",
+ "iam:PassRole",
+ "iam:GetInstanceProfile",
+ "pcs:GetComputeNodeGroup",
+ "pcs:DeleteComputeNodeGroup",
+ "pcs:ListTagsForResource",
+ "pcs:TagResource",
+ "pcs:UntagResource"
+ ],
+ "timeoutInMinutes": 60
+ },
+ "list": {
+ "handlerSchema": {
+ "properties": {
+ "ClusterId": {
+ "$ref": "resource-schema.json#/properties/ClusterId"
+ }
+ },
+ "required": [
+ "ClusterId"
+ ]
+ },
+ "permissions": [
+ "pcs:ListClusters",
+ "pcs:ListComputeNodeGroups"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "pcs:GetComputeNodeGroup",
+ "pcs:ListTagsForResource"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "ec2:DescribeImages",
+ "ec2:DescribeVpcs",
+ "ec2:DescribeSubnets",
+ "ec2:DescribeSecurityGroups",
+ "ec2:DescribeLaunchTemplates",
+ "ec2:DescribeLaunchTemplateVersions",
+ "ec2:DescribeInstanceTypes",
+ "ec2:DescribeInstanceTypeOfferings",
+ "ec2:RunInstances",
+ "ec2:CreateFleet",
+ "ec2:CreateTags",
+ "iam:PassRole",
+ "iam:GetInstanceProfile",
+ "pcs:GetComputeNodeGroup",
+ "pcs:UpdateComputeNodeGroup",
+ "pcs:ListTagsForResource",
+ "pcs:TagResource",
+ "pcs:UntagResource"
+ ],
+ "timeoutInMinutes": 60
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/Arn"
+ ],
+ "properties": {
+ "AmiId": {
+ "description": "The ID of the Amazon Machine Image (AMI) that AWS PCS uses to launch instances. If not provided, AWS PCS uses the AMI ID specified in the custom launch template.",
+ "pattern": "^ami-[a-z0-9]+$",
+ "type": "string"
+ },
+ "Arn": {
+ "description": "The unique Amazon Resource Name (ARN) of the compute node group.",
+ "type": "string"
+ },
+ "ClusterId": {
+ "description": "The ID of the cluster of the compute node group.",
+ "type": "string"
+ },
+ "CustomLaunchTemplate": {
+ "additionalProperties": false,
+ "description": "An Amazon EC2 launch template AWS PCS uses to launch compute nodes.",
+ "properties": {
+ "TemplateId": {
+ "description": "The ID of the EC2 launch template to use to provision instances.",
+ "type": "string"
+ },
+ "Version": {
+ "description": "The version of the EC2 launch template to use to provision instances.",
+ "type": "string"
+ }
+ },
+ "required": [
+ "Version"
+ ],
+ "type": "object"
+ },
+ "ErrorInfo": {
+ "description": "The list of errors that occurred during compute node group provisioning.",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/ErrorInfo"
+ },
+ "type": "array"
+ },
+ "IamInstanceProfileArn": {
+ "description": "The Amazon Resource Name (ARN) of the IAM instance profile used to pass an IAM role when launching EC2 instances. The role contained in your instance profile must have pcs:RegisterComputeNodeGroupInstance permissions attached to provision instances correctly.",
+ "pattern": "^arn:aws([a-zA-Z-]{0,10})?:iam::[0-9]{12}:instance-profile/.{1,128}$",
+ "type": "string"
+ },
+ "Id": {
+ "description": "The generated unique ID of the compute node group.",
+ "type": "string"
+ },
+ "InstanceConfigs": {
+ "description": "A list of EC2 instance configurations that AWS PCS can provision in the compute node group.",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/InstanceConfig"
+ },
+ "type": "array"
+ },
+ "Name": {
+ "description": "The name that identifies the compute node group.",
+ "type": "string"
+ },
+ "PurchaseOption": {
+ "description": "Specifies how EC2 instances are purchased on your behalf. AWS PCS supports On-Demand and Spot instances. For more information, see Instance purchasing options in the Amazon Elastic Compute Cloud User Guide. If you don't provide this option, it defaults to On-Demand.",
+ "enum": [
+ "ONDEMAND",
+ "SPOT"
+ ],
+ "type": "string"
+ },
+ "ScalingConfiguration": {
+ "additionalProperties": false,
+ "description": "Specifies the boundaries of the compute node group auto scaling.",
+ "properties": {
+ "MaxInstanceCount": {
+ "description": "The upper bound of the number of instances allowed in the compute fleet.",
+ "minimum": 0,
+ "type": "integer"
+ },
+ "MinInstanceCount": {
+ "description": "The lower bound of the number of instances allowed in the compute fleet.",
+ "minimum": 0,
+ "type": "integer"
+ }
+ },
+ "required": [
+ "MaxInstanceCount",
+ "MinInstanceCount"
+ ],
+ "type": "object"
+ },
+ "SlurmConfiguration": {
+ "additionalProperties": false,
+ "description": "Additional options related to the Slurm scheduler.",
+ "properties": {
+ "SlurmCustomSettings": {
+ "description": "Additional Slurm-specific configuration that directly maps to Slurm settings.",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/SlurmCustomSetting"
+ },
+ "type": "array"
+ }
+ },
+ "type": "object"
+ },
+ "SpotOptions": {
+ "additionalProperties": false,
+ "description": "Additional configuration when you specify SPOT as the purchase option.",
+ "properties": {
+ "AllocationStrategy": {
+ "description": "The Amazon EC2 allocation strategy AWS PCS uses to provision EC2 instances. AWS PCS supports lowest price, capacity optimized, and price capacity optimized. If you don't provide this option, it defaults to price capacity optimized.",
+ "enum": [
+ "lowest-price",
+ "capacity-optimized",
+ "price-capacity-optimized"
+ ],
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "Status": {
+ "description": "The provisioning status of the compute node group. The provisioning status doesn't indicate the overall health of the compute node group.",
+ "enum": [
+ "CREATING",
+ "ACTIVE",
+ "UPDATING",
+ "DELETING",
+ "CREATE_FAILED",
+ "DELETE_FAILED",
+ "UPDATE_FAILED"
+ ],
+ "type": "string"
+ },
+ "SubnetIds": {
+ "description": "The list of subnet IDs where instances are provisioned by the compute node group. The subnets must be in the same VPC as the cluster.",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/SubnetId"
+ },
+ "type": "array"
+ },
+ "Tags": {
+ "additionalProperties": false,
+ "description": "1 or more tags added to the resource. Each tag consists of a tag key and tag value. The tag value is optional and can be an empty string.",
+ "patternProperties": {
+ "^.+$": {
+ "type": "string"
+ }
+ }
+ }
+ },
+ "readOnlyProperties": [
+ "/properties/Arn",
+ "/properties/ErrorInfo",
+ "/properties/Id",
+ "/properties/Status"
+ ],
+ "required": [
+ "ClusterId",
+ "CustomLaunchTemplate",
+ "IamInstanceProfileArn",
+ "InstanceConfigs",
+ "ScalingConfiguration",
+ "SubnetIds"
+ ],
+ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-pcs.git",
+ "tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "pcs:TagResource",
+ "pcs:ListTagsForResource",
+ "pcs:UntagResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
+ "typeName": "AWS::PCS::ComputeNodeGroup"
+}
diff --git a/schema/aws-pcs-queue.json b/schema/aws-pcs-queue.json
new file mode 100644
index 0000000..4333d8b
--- /dev/null
+++ b/schema/aws-pcs-queue.json
@@ -0,0 +1,178 @@
+{
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/Name",
+ "/properties/ClusterId"
+ ],
+ "definitions": {
+ "ComputeNodeGroupConfiguration": {
+ "additionalProperties": false,
+ "description": "The compute node group configuration for a queue.",
+ "properties": {
+ "ComputeNodeGroupId": {
+ "description": "The compute node group ID for the compute node group configuration.",
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "ErrorInfo": {
+ "additionalProperties": false,
+ "description": "An error that occurred during resource provisioning.",
+ "properties": {
+ "Code": {
+ "description": "The short-form error code.",
+ "type": "string"
+ },
+ "Message": {
+ "description": "The detailed error information.",
+ "type": "string"
+ }
+ },
+ "type": "object"
+ }
+ },
+ "description": "AWS::PCS::Queue resource creates an AWS PCS queue.",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "ec2:CreateNetworkInterface",
+ "ec2:DescribeVpcs",
+ "ec2:DescribeSubnets",
+ "ec2:DescribeSecurityGroups",
+ "ec2:GetSecurityGroupsForVpc",
+ "iam:CreateServiceLinkedRole",
+ "secretsmanager:CreateSecret",
+ "secretsmanager:TagResource",
+ "pcs:CreateQueue",
+ "pcs:GetQueue",
+ "pcs:ListTagsForResource",
+ "pcs:TagResource"
+ ],
+ "timeoutInMinutes": 60
+ },
+ "delete": {
+ "permissions": [
+ "pcs:DeleteQueue",
+ "pcs:GetQueue"
+ ],
+ "timeoutInMinutes": 60
+ },
+ "list": {
+ "handlerSchema": {
+ "properties": {
+ "ClusterId": {
+ "$ref": "resource-schema.json#/properties/ClusterId"
+ }
+ },
+ "required": [
+ "ClusterId"
+ ]
+ },
+ "permissions": [
+ "pcs:ListClusters",
+ "pcs:ListQueues"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "pcs:GetQueue",
+ "pcs:ListTagsForResource"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "pcs:GetQueue",
+ "pcs:UpdateQueue",
+ "pcs:ListTagsForResource",
+ "pcs:TagResource",
+ "pcs:UntagResource"
+ ],
+ "timeoutInMinutes": 60
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/Arn"
+ ],
+ "properties": {
+ "Arn": {
+ "description": "The unique Amazon Resource Name (ARN) of the queue.",
+ "pattern": "^(.*?)",
+ "type": "string"
+ },
+ "ClusterId": {
+ "description": "The ID of the cluster of the queue.",
+ "type": "string"
+ },
+ "ComputeNodeGroupConfigurations": {
+ "description": "The list of compute node group configurations associated with the queue. Queues assign jobs to associated compute node groups.",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/ComputeNodeGroupConfiguration"
+ },
+ "type": "array"
+ },
+ "ErrorInfo": {
+ "description": "The list of errors that occurred during queue provisioning.",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/ErrorInfo"
+ },
+ "type": "array"
+ },
+ "Id": {
+ "description": "The generated unique ID of the queue.",
+ "type": "string"
+ },
+ "Name": {
+ "description": "The name that identifies the queue.",
+ "type": "string"
+ },
+ "Status": {
+ "description": "The provisioning status of the queue. The provisioning status doesn't indicate the overall health of the queue.",
+ "enum": [
+ "CREATING",
+ "ACTIVE",
+ "UPDATING",
+ "DELETING",
+ "CREATE_FAILED",
+ "DELETE_FAILED",
+ "UPDATE_FAILED"
+ ],
+ "type": "string"
+ },
+ "Tags": {
+ "additionalProperties": false,
+ "description": "1 or more tags added to the resource. Each tag consists of a tag key and tag value. The tag value is optional and can be an empty string.",
+ "patternProperties": {
+ "^.+$": {
+ "type": "string"
+ }
+ },
+ "type": "object"
+ }
+ },
+ "readOnlyProperties": [
+ "/properties/Arn",
+ "/properties/ErrorInfo",
+ "/properties/Id",
+ "/properties/Status"
+ ],
+ "required": [
+ "ClusterId"
+ ],
+ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-pcs.git",
+ "tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "pcs:TagResource",
+ "pcs:ListTagsForResource",
+ "pcs:UntagResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
+ "typeName": "AWS::PCS::Queue"
+}
diff --git a/schema/aws-pinpoint-inapptemplate.json b/schema/aws-pinpoint-inapptemplate.json
index 3b7e186..60f2574 100644
--- a/schema/aws-pinpoint-inapptemplate.json
+++ b/schema/aws-pinpoint-inapptemplate.json
@@ -159,7 +159,9 @@
"update": {
"permissions": [
"mobiletargeting:UpdateInAppTemplate",
- "mobiletargeting:GetInAppTemplate"
+ "mobiletargeting:GetInAppTemplate",
+ "mobiletargeting:TagResource",
+ "mobiletargeting:UntagResource"
]
}
},
@@ -208,6 +210,16 @@
"TemplateName"
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git",
- "taggable": true,
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "mobiletargeting:TagResource",
+ "mobiletargeting:UntagResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
"typeName": "AWS::Pinpoint::InAppTemplate"
}
diff --git a/schema/aws-pipes-pipe.json b/schema/aws-pipes-pipe.json
index 1a1dc6e..7e19739 100644
--- a/schema/aws-pipes-pipe.json
+++ b/schema/aws-pipes-pipe.json
@@ -17,10 +17,10 @@
"/properties/SourceParameters/ManagedStreamingKafkaParameters/TopicName",
"/properties/SourceParameters/ManagedStreamingKafkaParameters/StartingPosition",
"/properties/SourceParameters/ManagedStreamingKafkaParameters/ConsumerGroupID",
- "/properties/SourceParameters/SelfManagedApacheKafkaParameters/TopicName",
- "/properties/SourceParameters/SelfManagedApacheKafkaParameters/StartingPosition",
- "/properties/SourceParameters/SelfManagedApacheKafkaParameters/AdditionalBootstrapServers",
- "/properties/SourceParameters/SelfManagedApacheKafkaParameters/ConsumerGroupID"
+ "/properties/SourceParameters/SelfManagedKafkaParameters/TopicName",
+ "/properties/SourceParameters/SelfManagedKafkaParameters/StartingPosition",
+ "/properties/SourceParameters/SelfManagedKafkaParameters/AdditionalBootstrapServers",
+ "/properties/SourceParameters/SelfManagedKafkaParameters/ConsumerGroupID"
],
"definitions": {
"AssignPublicIp": {
@@ -211,7 +211,7 @@
"LogGroupArn": {
"maxLength": 1600,
"minLength": 1,
- "pattern": "^(^arn:aws([a-z]|\\-)*:logs:([a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\\d{1}):(\\d{12}):log-group:.+)$",
+ "pattern": "^(^arn:aws([a-z]|\\-)*:logs:([a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\\d{1}):(\\d{12}):log-group:.+)$",
"type": "string"
}
},
@@ -223,7 +223,7 @@
"Arn": {
"maxLength": 1600,
"minLength": 1,
- "pattern": "^arn:(aws[a-zA-Z0-9-]*):([a-zA-Z0-9\\-]+):([a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\\d{1})?:(\\d{12})?:(.+)$",
+ "pattern": "^arn:(aws[a-zA-Z0-9-]*):([a-zA-Z0-9\\-]+):([a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\\d{1})?:(\\d{12})?:(.+)$",
"type": "string"
}
},
@@ -410,7 +410,7 @@
"ExecutionRoleArn": {
"maxLength": 1600,
"minLength": 1,
- "pattern": "^arn:(aws[a-zA-Z0-9-]*):([a-zA-Z0-9\\-]+):([a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\\d{1})?:(\\d{12})?:(.+)|(\\$(\\.[\\w/_-]+(\\[(\\d+|\\*)\\])*)*)$",
+ "pattern": "^arn:(aws[a-zA-Z0-9-]*):([a-zA-Z0-9\\-]+):([a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\\d{1})?:(\\d{12})?:(.+)|(\\$(\\.[\\w/_-]+(\\[(\\d+|\\*)\\])*)*)$",
"type": "string"
},
"InferenceAcceleratorOverrides": {
@@ -425,7 +425,7 @@
"TaskRoleArn": {
"maxLength": 1600,
"minLength": 1,
- "pattern": "^arn:(aws[a-zA-Z0-9-]*):([a-zA-Z0-9\\-]+):([a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\\d{1})?:(\\d{12})?:(.+)|(\\$(\\.[\\w/_-]+(\\[(\\d+|\\*)\\])*)*)$",
+ "pattern": "^arn:(aws[a-zA-Z0-9-]*):([a-zA-Z0-9\\-]+):([a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\\d{1})?:(\\d{12})?:(.+)|(\\$(\\.[\\w/_-]+(\\[(\\d+|\\*)\\])*)*)$",
"type": "string"
}
},
@@ -471,7 +471,7 @@
"DeliveryStreamArn": {
"maxLength": 1600,
"minLength": 1,
- "pattern": "^(^arn:aws([a-z]|\\-)*:firehose:([a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\\d{1}):(\\d{12}):deliverystream/.+)$",
+ "pattern": "^(^arn:aws([a-z]|\\-)*:firehose:([a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\\d{1}):(\\d{12}):deliverystream/.+)$",
"type": "string"
}
},
@@ -529,7 +529,7 @@
"description": "Optional SecretManager ARN which stores the database credentials",
"maxLength": 1600,
"minLength": 1,
- "pattern": "^(^arn:aws([a-z]|\\-)*:secretsmanager:([a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\\d{1}):(\\d{12}):secret:.+)$",
+ "pattern": "^(^arn:aws([a-z]|\\-)*:secretsmanager:([a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\\d{1}):(\\d{12}):secret:.+)$",
"type": "string"
}
},
@@ -550,7 +550,7 @@
"description": "Optional SecretManager ARN which stores the database credentials",
"maxLength": 1600,
"minLength": 1,
- "pattern": "^(^arn:aws([a-z]|\\-)*:secretsmanager:([a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\\d{1}):(\\d{12}):secret:.+)$",
+ "pattern": "^(^arn:aws([a-z]|\\-)*:secretsmanager:([a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\\d{1}):(\\d{12}):secret:.+)$",
"type": "string"
}
},
@@ -567,7 +567,7 @@
"description": "Optional SecretManager ARN which stores the database credentials",
"maxLength": 1600,
"minLength": 1,
- "pattern": "^(^arn:aws([a-z]|\\-)*:secretsmanager:([a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\\d{1}):(\\d{12}):secret:.+)$",
+ "pattern": "^(^arn:aws([a-z]|\\-)*:secretsmanager:([a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\\d{1}):(\\d{12}):secret:.+)$",
"type": "string"
}
},
@@ -974,7 +974,7 @@
"description": "Optional SecretManager ARN which stores the database credentials",
"maxLength": 1600,
"minLength": 1,
- "pattern": "^(^arn:aws([a-z]|\\-)*:secretsmanager:([a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\\d{1}):(\\d{12}):secret:.+)$",
+ "pattern": "^(^arn:aws([a-z]|\\-)*:secretsmanager:([a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\\d{1}):(\\d{12}):secret:.+)$",
"type": "string"
},
"StartingPosition": {
@@ -1155,7 +1155,7 @@
"TaskDefinitionArn": {
"maxLength": 1600,
"minLength": 1,
- "pattern": "^arn:(aws[a-zA-Z0-9-]*):([a-zA-Z0-9\\-]+):([a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\\d{1})?:(\\d{12})?:(.+)|(\\$(\\.[\\w/_-]+(\\[(\\d+|\\*)\\])*)*)$",
+ "pattern": "^arn:(aws[a-zA-Z0-9-]*):([a-zA-Z0-9\\-]+):([a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\\d{1})?:(\\d{12})?:(.+)|(\\$(\\.[\\w/_-]+(\\[(\\d+|\\*)\\])*)*)$",
"type": "string"
}
},
@@ -1182,7 +1182,7 @@
"items": {
"maxLength": 1600,
"minLength": 1,
- "pattern": "^arn:(aws[a-zA-Z0-9-]*):([a-zA-Z0-9\\-]+):([a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\\d{1})?:(\\d{12})?:(.+)|(\\$(\\.[\\w/_-]+(\\[(\\d+|\\*)\\])*)*)$",
+ "pattern": "^arn:(aws[a-zA-Z0-9-]*):([a-zA-Z0-9\\-]+):([a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\\d{1})?:(\\d{12})?:(.+)|(\\$(\\.[\\w/_-]+(\\[(\\d+|\\*)\\])*)*)$",
"type": "string"
},
"maxItems": 10,
@@ -1319,7 +1319,7 @@
"description": "Optional SecretManager ARN which stores the database credentials",
"maxLength": 1600,
"minLength": 1,
- "pattern": "^(^arn:aws([a-z]|\\-)*:secretsmanager:([a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\\d{1}):(\\d{12}):secret:.+)|(\\$(\\.[\\w/_-]+(\\[(\\d+|\\*)\\])*)*)$",
+ "pattern": "^(^arn:aws([a-z]|\\-)*:secretsmanager:([a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\\d{1}):(\\d{12}):secret:.+)|(\\$(\\.[\\w/_-]+(\\[(\\d+|\\*)\\])*)*)$",
"type": "string"
},
"Sqls": {
@@ -1570,7 +1570,7 @@
"description": "Optional SecretManager ARN which stores the database credentials",
"maxLength": 1600,
"minLength": 1,
- "pattern": "^(^arn:aws([a-z]|\\-)*:secretsmanager:([a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\\d{1}):(\\d{12}):secret:.+)$",
+ "pattern": "^(^arn:aws([a-z]|\\-)*:secretsmanager:([a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\\d{1}):(\\d{12}):secret:.+)$",
"type": "string"
}
},
@@ -1587,7 +1587,7 @@
"description": "Optional SecretManager ARN which stores the database credentials",
"maxLength": 1600,
"minLength": 1,
- "pattern": "^(^arn:aws([a-z]|\\-)*:secretsmanager:([a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\\d{1}):(\\d{12}):secret:.+)$",
+ "pattern": "^(^arn:aws([a-z]|\\-)*:secretsmanager:([a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\\d{1}):(\\d{12}):secret:.+)$",
"type": "string"
}
},
@@ -1604,7 +1604,7 @@
"description": "Optional SecretManager ARN which stores the database credentials",
"maxLength": 1600,
"minLength": 1,
- "pattern": "^(^arn:aws([a-z]|\\-)*:secretsmanager:([a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\\d{1}):(\\d{12}):secret:.+)$",
+ "pattern": "^(^arn:aws([a-z]|\\-)*:secretsmanager:([a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\\d{1}):(\\d{12}):secret:.+)$",
"type": "string"
}
},
@@ -1621,7 +1621,7 @@
"description": "Optional SecretManager ARN which stores the database credentials",
"maxLength": 1600,
"minLength": 1,
- "pattern": "^(^arn:aws([a-z]|\\-)*:secretsmanager:([a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\\d{1}):(\\d{12}):secret:.+)$",
+ "pattern": "^(^arn:aws([a-z]|\\-)*:secretsmanager:([a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\\d{1}):(\\d{12}):secret:.+)$",
"type": "string"
}
},
@@ -1752,18 +1752,25 @@
"logs:ListLogDeliveries",
"s3:PutBucketPolicy",
"s3:GetBucketPolicy",
- "firehose:TagDeliveryStream"
+ "firehose:TagDeliveryStream",
+ "kms:DescribeKey",
+ "kms:Decrypt",
+ "kms:GenerateDataKey"
]
},
"delete": {
"permissions": [
"pipes:DeletePipe",
"pipes:DescribePipe",
+ "pipes:UntagResource",
"logs:CreateLogDelivery",
"logs:UpdateLogDelivery",
"logs:DeleteLogDelivery",
"logs:GetLogDelivery",
- "logs:ListLogDeliveries"
+ "logs:ListLogDeliveries",
+ "kms:DescribeKey",
+ "kms:Decrypt",
+ "kms:GenerateDataKey"
]
},
"list": {
@@ -1773,7 +1780,8 @@
},
"read": {
"permissions": [
- "pipes:DescribePipe"
+ "pipes:DescribePipe",
+ "kms:Decrypt"
]
},
"update": {
@@ -1794,7 +1802,10 @@
"logs:ListLogDeliveries",
"s3:PutBucketPolicy",
"s3:GetBucketPolicy",
- "firehose:TagDeliveryStream"
+ "firehose:TagDeliveryStream",
+ "kms:DescribeKey",
+ "kms:Decrypt",
+ "kms:GenerateDataKey"
]
}
},
@@ -1827,12 +1838,17 @@
"Enrichment": {
"maxLength": 1600,
"minLength": 0,
- "pattern": "^$|arn:(aws[a-zA-Z0-9-]*):([a-zA-Z0-9\\-]+):([a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\\d{1})?:(\\d{12})?:(.+)$",
+ "pattern": "^$|arn:(aws[a-zA-Z0-9-]*):([a-zA-Z0-9\\-]+):([a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\\d{1})?:(\\d{12})?:(.+)$",
"type": "string"
},
"EnrichmentParameters": {
"$ref": "#/definitions/PipeEnrichmentParameters"
},
+ "KmsKeyIdentifier": {
+ "maxLength": 2048,
+ "minLength": 0,
+ "type": "string"
+ },
"LastModifiedTime": {
"format": "date-time",
"type": "string"
@@ -1855,7 +1871,7 @@
"Source": {
"maxLength": 1600,
"minLength": 1,
- "pattern": "^smk://(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\\-]*[a-zA-Z0-9])\\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\\-]*[A-Za-z0-9]):[0-9]{1,5}|arn:(aws[a-zA-Z0-9-]*):([a-zA-Z0-9\\-]+):([a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\\d{1})?:(\\d{12})?:(.+)$",
+ "pattern": "^smk://(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\\-]*[a-zA-Z0-9])\\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\\-]*[A-Za-z0-9]):[0-9]{1,5}|arn:(aws[a-zA-Z0-9-]*):([a-zA-Z0-9\\-]+):([a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\\d{1})?:(\\d{12})?:(.+)$",
"type": "string"
},
"SourceParameters": {
@@ -1873,7 +1889,7 @@
"Target": {
"maxLength": 1600,
"minLength": 1,
- "pattern": "^arn:(aws[a-zA-Z0-9-]*):([a-zA-Z0-9\\-]+):([a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\\d{1})?:(\\d{12})?:(.+)$",
+ "pattern": "^arn:(aws[a-zA-Z0-9-]*):([a-zA-Z0-9\\-]+):([a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\\d{1})?:(\\d{12})?:(.+)$",
"type": "string"
},
"TargetParameters": {
@@ -1894,6 +1910,11 @@
],
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "pipes:TagResource",
+ "pipes:UntagResource",
+ "pipes:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-proton-environmentaccountconnection.json b/schema/aws-proton-environmentaccountconnection.json
index 18855c3..6195db4 100644
--- a/schema/aws-proton-environmentaccountconnection.json
+++ b/schema/aws-proton-environmentaccountconnection.json
@@ -156,6 +156,11 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-proton",
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "proton:ListTagsForResource",
+ "proton:UntagResource",
+ "proton:TagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-proton-environmenttemplate.json b/schema/aws-proton-environmenttemplate.json
index 877d13f..cad9a4d 100644
--- a/schema/aws-proton-environmenttemplate.json
+++ b/schema/aws-proton-environmenttemplate.json
@@ -46,16 +46,90 @@
"create": {
"permissions": [
"proton:CreateEnvironmentTemplate",
+ "proton:DeleteEnvironmentTemplate",
+ "proton:ListTagsForResource",
"proton:TagResource",
"proton:GetEnvironmentTemplate",
- "kms:*"
+ "kms:CancelKeyDeletion",
+ "kms:CreateAlias",
+ "kms:CreateCustomKeyStore",
+ "kms:CreateGrant",
+ "kms:CreateKey",
+ "kms:DeleteAlias",
+ "kms:DeleteCustomKeyStore",
+ "kms:DeleteImportedKeyMaterial",
+ "kms:DescribeCustomKeyStores",
+ "kms:DescribeKey",
+ "kms:DisableKey",
+ "kms:DisableKeyRotation",
+ "kms:EnableKey",
+ "kms:EnableKeyRotation",
+ "kms:GenerateDataKey",
+ "kms:GetKeyPolicy",
+ "kms:GetKeyRotationStatus",
+ "kms:GetParametersForImport",
+ "kms:GetPublicKey",
+ "kms:ListAliases",
+ "kms:ListGrants",
+ "kms:ListKeyPolicies",
+ "kms:ListKeyRotations",
+ "kms:ListKeys",
+ "kms:ListResourceTags",
+ "kms:ListRetirableGrants",
+ "kms:PutKeyPolicy",
+ "kms:RevokeGrant",
+ "kms:ScheduleKeyDeletion",
+ "kms:TagResource",
+ "kms:UntagResource",
+ "kms:UpdateAlias",
+ "kms:UpdateCustomKeyStore",
+ "kms:UpdateKeyDescription",
+ "kms:UpdatePrimaryRegion"
]
},
"delete": {
"permissions": [
+ "proton:CreateEnvironmentTemplate",
"proton:DeleteEnvironmentTemplate",
"proton:GetEnvironmentTemplate",
- "kms:*"
+ "proton:ListTagsForResource",
+ "proton:TagResource",
+ "proton:UntagResource",
+ "kms:CancelKeyDeletion",
+ "kms:CreateAlias",
+ "kms:CreateCustomKeyStore",
+ "kms:CreateGrant",
+ "kms:CreateKey",
+ "kms:DeleteAlias",
+ "kms:DeleteCustomKeyStore",
+ "kms:DeleteImportedKeyMaterial",
+ "kms:DescribeCustomKeyStores",
+ "kms:DescribeKey",
+ "kms:DisableKey",
+ "kms:DisableKeyRotation",
+ "kms:EnableKey",
+ "kms:EnableKeyRotation",
+ "kms:GenerateDataKey",
+ "kms:GetKeyPolicy",
+ "kms:GetKeyRotationStatus",
+ "kms:GetParametersForImport",
+ "kms:GetPublicKey",
+ "kms:ListAliases",
+ "kms:ListGrants",
+ "kms:ListKeyPolicies",
+ "kms:ListKeyRotations",
+ "kms:ListKeys",
+ "kms:ListResourceTags",
+ "kms:ListRetirableGrants",
+ "kms:PutKeyPolicy",
+ "kms:RevokeGrant",
+ "kms:ScheduleKeyDeletion",
+ "kms:TagResource",
+ "kms:UntagResource",
+ "kms:UpdateAlias",
+ "kms:UpdateCustomKeyStore",
+ "kms:UpdateKeyDescription",
+ "kms:UpdatePrimaryRegion"
]
},
"list": {
@@ -65,20 +139,91 @@
},
"read": {
"permissions": [
- "proton:GetEnvironmentTemplate",
+ "proton:CreateEnvironmentTemplate",
+ "proton:DeleteEnvironmentTemplate",
"proton:ListTagsForResource",
- "kms:*"
+ "proton:GetEnvironmentTemplate",
+ "kms:CancelKeyDeletion",
+ "kms:CreateAlias",
+ "kms:CreateCustomKeyStore",
+ "kms:CreateGrant",
+ "kms:CreateKey",
+ "kms:DeleteAlias",
+ "kms:DeleteCustomKeyStore",
+ "kms:DeleteImportedKeyMaterial",
+ "kms:DescribeCustomKeyStores",
+ "kms:DescribeKey",
+ "kms:DisableKey",
+ "kms:DisableKeyRotation",
+ "kms:EnableKey",
+ "kms:EnableKeyRotation",
+ "kms:GenerateDataKey",
+ "kms:GetKeyPolicy",
+ "kms:GetKeyRotationStatus",
+ "kms:GetParametersForImport",
+ "kms:GetPublicKey",
+ "kms:ListAliases",
+ "kms:ListGrants",
+ "kms:ListKeyPolicies",
+ "kms:ListKeyRotations",
+ "kms:ListKeys",
+ "kms:ListResourceTags",
+ "kms:ListRetirableGrants",
+ "kms:PutKeyPolicy",
+ "kms:RevokeGrant",
+ "kms:ScheduleKeyDeletion",
+ "kms:TagResource",
+ "kms:UntagResource",
+ "kms:UpdateAlias",
+ "kms:UpdateCustomKeyStore",
+ "kms:UpdateKeyDescription",
+ "kms:UpdatePrimaryRegion"
]
},
"update": {
"permissions": [
"proton:CreateEnvironmentTemplate",
+ "proton:DeleteEnvironmentTemplate",
+ "proton:GetEnvironmentTemplate",
"proton:ListTagsForResource",
"proton:TagResource",
- "proton:UntagResource",
"proton:UpdateEnvironmentTemplate",
- "proton:GetEnvironmentTemplate",
- "kms:*"
+ "proton:UntagResource",
+ "kms:CancelKeyDeletion",
+ "kms:CreateAlias",
+ "kms:CreateCustomKeyStore",
+ "kms:CreateGrant",
+ "kms:CreateKey",
+ "kms:DeleteAlias",
+ "kms:DeleteCustomKeyStore",
+ "kms:DeleteImportedKeyMaterial",
+ "kms:DescribeCustomKeyStores",
+ "kms:DescribeKey",
+ "kms:DisableKey",
+ "kms:DisableKeyRotation",
+ "kms:EnableKey",
+ "kms:EnableKeyRotation",
+ "kms:GenerateDataKey",
+ "kms:GetKeyPolicy",
+ "kms:GetKeyRotationStatus",
+ "kms:GetParametersForImport",
+ "kms:GetPublicKey",
+ "kms:ListAliases",
+ "kms:ListGrants",
+ "kms:ListKeyPolicies",
+ "kms:ListKeyRotations",
+ "kms:ListKeys",
+ "kms:ListResourceTags",
+ "kms:ListRetirableGrants",
+ "kms:PutKeyPolicy",
+ "kms:RevokeGrant",
+ "kms:ScheduleKeyDeletion",
+ "kms:TagResource",
+ "kms:UntagResource",
+ "kms:UpdateAlias",
+ "kms:UpdateCustomKeyStore",
+ "kms:UpdateKeyDescription",
+ "kms:UpdatePrimaryRegion"
]
}
},
@@ -135,6 +280,11 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-proton",
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "proton:ListTagsForResource",
+ "proton:UntagResource",
+ "proton:TagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-proton-servicetemplate.json b/schema/aws-proton-servicetemplate.json
index 78317c8..473f38d 100644
--- a/schema/aws-proton-servicetemplate.json
+++ b/schema/aws-proton-servicetemplate.json
@@ -47,28 +47,131 @@
"permissions": [
"proton:CreateServiceTemplate",
"proton:TagResource",
- "kms:*",
- "proton:GetServiceTemplate"
+ "proton:GetServiceTemplate",
+ "kms:CancelKeyDeletion",
+ "kms:CreateAlias",
+ "kms:CreateCustomKeyStore",
+ "kms:CreateGrant",
+ "kms:CreateKey",
+ "kms:DeleteAlias",
+ "kms:DeleteCustomKeyStore",
+ "kms:DeleteImportedKeyMaterial",
+ "kms:DescribeCustomKeyStores",
+ "kms:DescribeKey",
+ "kms:DisableKey",
+ "kms:DisableKeyRotation",
+ "kms:EnableKey",
+ "kms:EnableKeyRotation",
+ "kms:GenerateDataKey",
+ "kms:GetKeyPolicy",
+ "kms:GetKeyRotationStatus",
+ "kms:GetParametersForImport",
+ "kms:GetPublicKey",
+ "kms:ListAliases",
+ "kms:ListGrants",
+ "kms:ListKeyPolicies",
+ "kms:ListKeyRotations",
+ "kms:ListKeys",
+ "kms:ListResourceTags",
+ "kms:ListRetirableGrants",
+ "kms:PutKeyPolicy",
+ "kms:RevokeGrant",
+ "kms:ScheduleKeyDeletion",
+ "kms:TagResource",
+ "kms:UntagResource",
+ "kms:UpdateAlias",
+ "kms:UpdateCustomKeyStore",
+ "kms:UpdateKeyDescription",
+ "kms:UpdatePrimaryRegion"
]
},
"delete": {
"permissions": [
"proton:DeleteServiceTemplate",
"proton:UntagResource",
- "kms:*",
- "proton:GetServiceTemplate"
+ "proton:GetServiceTemplate",
+ "kms:CancelKeyDeletion",
+ "kms:CreateAlias",
+ "kms:CreateCustomKeyStore",
+ "kms:CreateGrant",
+ "kms:CreateKey",
+ "kms:DeleteAlias",
+ "kms:DeleteCustomKeyStore",
+ "kms:DeleteImportedKeyMaterial",
+ "kms:DescribeCustomKeyStores",
+ "kms:DescribeKey",
+ "kms:DisableKey",
+ "kms:DisableKeyRotation",
+ "kms:EnableKey",
+ "kms:EnableKeyRotation",
+ "kms:GenerateDataKey",
+ "kms:GetKeyPolicy",
+ "kms:GetKeyRotationStatus",
+ "kms:GetParametersForImport",
+ "kms:GetPublicKey",
+ "kms:ListAliases",
+ "kms:ListGrants",
+ "kms:ListKeyPolicies",
+ "kms:ListKeyRotations",
+ "kms:ListKeys",
+ "kms:ListResourceTags",
+ "kms:ListRetirableGrants",
+ "kms:PutKeyPolicy",
+ "kms:RevokeGrant",
+ "kms:ScheduleKeyDeletion",
+ "kms:TagResource",
+ "kms:UntagResource",
+ "kms:UpdateAlias",
+ "kms:UpdateCustomKeyStore",
+ "kms:UpdateKeyDescription",
+ "kms:UpdatePrimaryRegion"
]
},
"list": {
"permissions": [
- "proton:ListServiceTemplates"
+ "proton:ListServiceTemplates",
+ "proton:ListTagsForResource"
]
},
"read": {
"permissions": [
"proton:GetServiceTemplate",
"proton:ListTagsForResource",
- "kms:*"
+ "kms:CancelKeyDeletion",
+ "kms:CreateAlias",
+ "kms:CreateCustomKeyStore",
+ "kms:CreateGrant",
+ "kms:CreateKey",
+ "kms:DeleteAlias",
+ "kms:DeleteCustomKeyStore",
+ "kms:DeleteImportedKeyMaterial",
+ "kms:DescribeCustomKeyStores",
+ "kms:DescribeKey",
+ "kms:DisableKey",
+ "kms:DisableKeyRotation",
+ "kms:EnableKey",
+ "kms:EnableKeyRotation",
+ "kms:GenerateDataKey",
+ "kms:GetKeyPolicy",
+ "kms:GetKeyRotationStatus",
+ "kms:GetParametersForImport",
+ "kms:GetPublicKey",
+ "kms:ListAliases",
+ "kms:ListGrants",
+ "kms:ListKeyPolicies",
+ "kms:ListKeyRotations",
+ "kms:ListKeys",
+ "kms:ListResourceTags",
+ "kms:ListRetirableGrants",
+ "kms:PutKeyPolicy",
+ "kms:RevokeGrant",
+ "kms:ScheduleKeyDeletion",
+ "kms:TagResource",
+ "kms:UntagResource",
+ "kms:UpdateAlias",
+ "kms:UpdateCustomKeyStore",
+ "kms:UpdateKeyDescription",
+ "kms:UpdatePrimaryRegion"
]
},
"update": {
@@ -79,7 +182,41 @@
"proton:TagResource",
"proton:UntagResource",
"proton:UpdateServiceTemplate",
- "kms:*"
+ "kms:CancelKeyDeletion",
+ "kms:CreateAlias",
+ "kms:CreateCustomKeyStore",
+ "kms:CreateGrant",
+ "kms:CreateKey",
+ "kms:DeleteAlias",
+ "kms:DeleteCustomKeyStore",
+ "kms:DeleteImportedKeyMaterial",
+ "kms:DescribeCustomKeyStores",
+ "kms:DescribeKey",
+ "kms:DisableKey",
+ "kms:DisableKeyRotation",
+ "kms:EnableKey",
+ "kms:EnableKeyRotation",
+ "kms:GenerateDataKey",
+ "kms:GetKeyPolicy",
+ "kms:GetKeyRotationStatus",
+ "kms:GetParametersForImport",
+ "kms:GetPublicKey",
+ "kms:ListAliases",
+ "kms:ListGrants",
+ "kms:ListKeyPolicies",
+ "kms:ListKeyRotations",
+ "kms:ListKeys",
+ "kms:ListResourceTags",
+ "kms:ListRetirableGrants",
+ "kms:PutKeyPolicy",
+ "kms:RevokeGrant",
+ "kms:ScheduleKeyDeletion",
+ "kms:TagResource",
+ "kms:UntagResource",
+ "kms:UpdateAlias",
+ "kms:UpdateCustomKeyStore",
+ "kms:UpdateKeyDescription",
+ "kms:UpdatePrimaryRegion"
]
}
},
@@ -139,6 +276,11 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-proton",
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "proton:ListTagsForResource",
+ "proton:UntagResource",
+ "proton:TagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-qbusiness-application.json b/schema/aws-qbusiness-application.json
index d72da59..3e8920d 100644
--- a/schema/aws-qbusiness-application.json
+++ b/schema/aws-qbusiness-application.json
@@ -1,7 +1,11 @@
{
"additionalProperties": false,
"createOnlyProperties": [
- "/properties/EncryptionConfiguration"
+ "/properties/ClientIdsForOIDC",
+ "/properties/EncryptionConfiguration",
+ "/properties/IamIdentityProviderArn",
+ "/properties/IdentityType",
+ "/properties/QuickSightConfiguration"
],
"definitions": {
"ApplicationStatus": {
@@ -33,6 +37,28 @@
],
"type": "string"
},
+ "AutoSubscriptionConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "AutoSubscribe": {
+ "$ref": "#/definitions/AutoSubscriptionStatus"
+ },
+ "DefaultSubscriptionType": {
+ "$ref": "#/definitions/SubscriptionType"
+ }
+ },
+ "required": [
+ "AutoSubscribe"
+ ],
+ "type": "object"
+ },
+ "AutoSubscriptionStatus": {
+ "enum": [
+ "ENABLED",
+ "DISABLED"
+ ],
+ "type": "string"
+ },
"EncryptionConfiguration": {
"additionalProperties": false,
"properties": {
@@ -44,6 +70,34 @@
},
"type": "object"
},
+ "IdentityType": {
+ "enum": [
+ "AWS_IAM_IDP_SAML",
+ "AWS_IAM_IDP_OIDC",
+ "AWS_IAM_IDC",
+ "AWS_QUICKSIGHT_IDP"
+ ],
+ "type": "string"
+ },
+ "PersonalizationConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "PersonalizationControlMode": {
+ "$ref": "#/definitions/PersonalizationControlMode"
+ }
+ },
+ "required": [
+ "PersonalizationControlMode"
+ ],
+ "type": "object"
+ },
+ "PersonalizationControlMode": {
+ "enum": [
+ "ENABLED",
+ "DISABLED"
+ ],
+ "type": "string"
+ },
"QAppsConfiguration": {
"additionalProperties": false,
"properties": {
@@ -63,6 +117,28 @@
],
"type": "string"
},
+ "QuickSightConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "ClientNamespace": {
+ "maxLength": 64,
+ "minLength": 1,
+ "pattern": "^[a-zA-Z0-9._-]*$",
+ "type": "string"
+ }
+ },
+ "required": [
+ "ClientNamespace"
+ ],
+ "type": "object"
+ },
+ "SubscriptionType": {
+ "enum": [
+ "Q_LITE",
+ "Q_BUSINESS"
+ ],
+ "type": "string"
+ },
"Tag": {
"additionalProperties": false,
"properties": {
@@ -88,6 +164,7 @@
"handlers": {
"create": {
"permissions": [
+ "iam:GetSAMLProvider",
"iam:PassRole",
"kms:CreateGrant",
"kms:DescribeKey",
@@ -95,8 +172,12 @@
"qbusiness:GetApplication",
"qbusiness:ListTagsForResource",
"qbusiness:TagResource",
+ "qbusiness:UpdateApplication",
+ "quicksight:DescribeAccountSubscription",
+ "quicksight:ListNamespaces",
"sso:CreateApplication",
"sso:DeleteApplication",
+ "sso:DescribeInstance",
"sso:PutApplicationAccessScope",
"sso:PutApplicationAuthenticationMethod",
"sso:PutApplicationGrant"
@@ -131,6 +212,7 @@
"qbusiness:UpdateApplication",
"sso:CreateApplication",
"sso:DeleteApplication",
+ "sso:DescribeInstance",
"sso:PutApplicationAccessScope",
"sso:PutApplicationAuthenticationMethod",
"sso:PutApplicationGrant"
@@ -156,6 +238,18 @@
"AttachmentsConfiguration": {
"$ref": "#/definitions/AttachmentsConfiguration"
},
+ "AutoSubscriptionConfiguration": {
+ "$ref": "#/definitions/AutoSubscriptionConfiguration"
+ },
+ "ClientIdsForOIDC": {
+ "items": {
+ "maxLength": 255,
+ "minLength": 1,
+ "pattern": "^[a-zA-Z0-9_.:/()*?=-]*$",
+ "type": "string"
+ },
+ "type": "array"
+ },
"CreatedAt": {
"format": "date-time",
"type": "string"
@@ -175,6 +269,12 @@
"EncryptionConfiguration": {
"$ref": "#/definitions/EncryptionConfiguration"
},
+ "IamIdentityProviderArn": {
+ "maxLength": 2048,
+ "minLength": 20,
+ "pattern": "^arn:aws:iam::\\d{12}:(oidc-provider|saml-provider)/[a-zA-Z0-9_\\.\\/@\\-]+$",
+ "type": "string"
+ },
"IdentityCenterApplicationArn": {
"maxLength": 1224,
"minLength": 10,
@@ -187,9 +287,18 @@
"pattern": "^arn:(aws|aws-us-gov|aws-cn|aws-iso|aws-iso-b):sso:::instance/(sso)?ins-[a-zA-Z0-9-.]{16}$",
"type": "string"
},
+ "IdentityType": {
+ "$ref": "#/definitions/IdentityType"
+ },
+ "PersonalizationConfiguration": {
+ "$ref": "#/definitions/PersonalizationConfiguration"
+ },
"QAppsConfiguration": {
"$ref": "#/definitions/QAppsConfiguration"
},
+ "QuickSightConfiguration": {
+ "$ref": "#/definitions/QuickSightConfiguration"
+ },
"RoleArn": {
"maxLength": 1284,
"minLength": 0,
@@ -200,7 +309,6 @@
"$ref": "#/definitions/ApplicationStatus"
},
"Tags": {
- "insertionOrder": false,
"items": {
"$ref": "#/definitions/Tag"
},
@@ -225,6 +333,15 @@
"DisplayName"
],
"tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "qbusiness:UntagResource",
+ "qbusiness:TagResource",
+ "qbusiness:ListTagsForResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
"taggable": true
},
"typeName": "AWS::QBusiness::Application",
diff --git a/schema/aws-qbusiness-dataaccessor.json b/schema/aws-qbusiness-dataaccessor.json
new file mode 100644
index 0000000..5758b7f
--- /dev/null
+++ b/schema/aws-qbusiness-dataaccessor.json
@@ -0,0 +1,330 @@
+{
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/ApplicationId",
+ "/properties/Principal"
+ ],
+ "definitions": {
+ "ActionConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "Action": {
+ "pattern": "^qbusiness:[a-zA-Z]+$",
+ "type": "string"
+ },
+ "FilterConfiguration": {
+ "$ref": "#/definitions/ActionFilterConfiguration"
+ }
+ },
+ "required": [
+ "Action"
+ ],
+ "type": "object"
+ },
+ "ActionFilterConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "DocumentAttributeFilter": {
+ "$ref": "#/definitions/AttributeFilter"
+ }
+ },
+ "required": [
+ "DocumentAttributeFilter"
+ ],
+ "type": "object"
+ },
+ "AttributeFilter": {
+ "additionalProperties": false,
+ "properties": {
+ "AndAllFilters": {
+ "items": {
+ "$ref": "#/definitions/AttributeFilter"
+ },
+ "type": "array"
+ },
+ "ContainsAll": {
+ "$ref": "#/definitions/DocumentAttribute"
+ },
+ "ContainsAny": {
+ "$ref": "#/definitions/DocumentAttribute"
+ },
+ "EqualsTo": {
+ "$ref": "#/definitions/DocumentAttribute"
+ },
+ "GreaterThan": {
+ "$ref": "#/definitions/DocumentAttribute"
+ },
+ "GreaterThanOrEquals": {
+ "$ref": "#/definitions/DocumentAttribute"
+ },
+ "LessThan": {
+ "$ref": "#/definitions/DocumentAttribute"
+ },
+ "LessThanOrEquals": {
+ "$ref": "#/definitions/DocumentAttribute"
+ },
+ "NotFilter": {
+ "$ref": "#/definitions/AttributeFilter"
+ },
+ "OrAllFilters": {
+ "items": {
+ "$ref": "#/definitions/AttributeFilter"
+ },
+ "type": "array"
+ }
+ },
+ "type": "object"
+ },
+ "DocumentAttribute": {
+ "additionalProperties": false,
+ "properties": {
+ "Name": {
+ "maxLength": 200,
+ "minLength": 1,
+ "pattern": "^[a-zA-Z0-9_][a-zA-Z0-9_-]*$",
+ "type": "string"
+ },
+ "Value": {
+ "$ref": "#/definitions/DocumentAttributeValue"
+ }
+ },
+ "required": [
+ "Name",
+ "Value"
+ ],
+ "type": "object"
+ },
+ "DocumentAttributeValue": {
+ "oneOf": [
+ {
+ "additionalProperties": false,
+ "properties": {
+ "StringValue": {
+ "maxLength": 2048,
+ "type": "string"
+ }
+ },
+ "required": [
+ "StringValue"
+ ],
+ "title": "StringValue",
+ "type": "object"
+ },
+ {
+ "additionalProperties": false,
+ "properties": {
+ "StringListValue": {
+ "items": {
+ "maxLength": 2048,
+ "minLength": 1,
+ "type": "string"
+ },
+ "type": "array"
+ }
+ },
+ "required": [
+ "StringListValue"
+ ],
+ "title": "StringListValue",
+ "type": "object"
+ },
+ {
+ "additionalProperties": false,
+ "properties": {
+ "LongValue": {
+ "type": "number"
+ }
+ },
+ "required": [
+ "LongValue"
+ ],
+ "title": "LongValue",
+ "type": "object"
+ },
+ {
+ "additionalProperties": false,
+ "properties": {
+ "DateValue": {
+ "format": "date-time",
+ "type": "string"
+ }
+ },
+ "required": [
+ "DateValue"
+ ],
+ "title": "DateValue",
+ "type": "object"
+ }
+ ]
+ },
+ "Tag": {
+ "additionalProperties": false,
+ "properties": {
+ "Key": {
+ "maxLength": 128,
+ "minLength": 1,
+ "type": "string"
+ },
+ "Value": {
+ "maxLength": 256,
+ "minLength": 0,
+ "type": "string"
+ }
+ },
+ "required": [
+ "Key",
+ "Value"
+ ],
+ "type": "object"
+ },
+ "Unit": {
+ "additionalProperties": false,
+ "type": "object"
+ }
+ },
+ "description": "Definition of AWS::QBusiness::DataAccessor Resource Type",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "qbusiness:CreateDataAccessor",
+ "qbusiness:GetDataAccessor",
+ "qbusiness:ListTagsForResource",
+ "qbusiness:TagResource",
+ "sso:CreateApplication",
+ "sso:PutApplicationAuthenticationMethod",
+ "sso:PutApplicationGrant",
+ "sso:PutApplicationAccessScope"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "qbusiness:DeleteDataAccessor",
+ "qbusiness:GetDataAccessor",
+ "sso:DeleteApplication"
+ ]
+ },
+ "list": {
+ "handlerSchema": {
+ "properties": {
+ "ApplicationId": {
+ "$ref": "resource-schema.json#/properties/ApplicationId"
+ }
+ },
+ "required": [
+ "ApplicationId"
+ ]
+ },
+ "permissions": [
+ "qbusiness:ListDataAccessors"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "qbusiness:GetDataAccessor",
+ "qbusiness:ListTagsForResource"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "qbusiness:GetDataAccessor",
+ "qbusiness:ListTagsForResource",
+ "qbusiness:TagResource",
+ "qbusiness:UntagResource",
+ "qbusiness:UpdateDataAccessor"
+ ]
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/ApplicationId",
+ "/properties/DataAccessorId"
+ ],
+ "properties": {
+ "ActionConfigurations": {
+ "items": {
+ "$ref": "#/definitions/ActionConfiguration"
+ },
+ "maxItems": 10,
+ "minItems": 1,
+ "type": "array"
+ },
+ "ApplicationId": {
+ "maxLength": 36,
+ "minLength": 36,
+ "pattern": "^[a-zA-Z0-9][a-zA-Z0-9-]{35}$",
+ "type": "string"
+ },
+ "CreatedAt": {
+ "format": "date-time",
+ "type": "string"
+ },
+ "DataAccessorArn": {
+ "maxLength": 1284,
+ "minLength": 0,
+ "pattern": "^arn:[a-z0-9-\\.]{1,63}:[a-z0-9-\\.]{0,63}:[a-z0-9-\\.]{0,63}:[a-z0-9-\\.]{0,63}:[^/].{0,1023}$",
+ "type": "string"
+ },
+ "DataAccessorId": {
+ "maxLength": 36,
+ "minLength": 36,
+ "pattern": "^[a-zA-Z0-9][a-zA-Z0-9-]{35}$",
+ "type": "string"
+ },
+ "DisplayName": {
+ "maxLength": 100,
+ "minLength": 1,
+ "pattern": "^[a-zA-Z0-9][a-zA-Z0-9_-]*$",
+ "type": "string"
+ },
+ "IdcApplicationArn": {
+ "maxLength": 1224,
+ "minLength": 10,
+ "pattern": "^arn:(aws|aws-us-gov|aws-cn|aws-iso|aws-iso-b):sso::\\d{12}:application/(sso)?ins-[a-zA-Z0-9-.]{16}/apl-[a-zA-Z0-9]{16}$",
+ "type": "string"
+ },
+ "Principal": {
+ "maxLength": 1284,
+ "minLength": 1,
+ "pattern": "^arn:aws:iam::[0-9]{12}:role/[a-zA-Z0-9_/+=,.@-]+$",
+ "type": "string"
+ },
+ "Tags": {
+ "items": {
+ "$ref": "#/definitions/Tag"
+ },
+ "maxItems": 200,
+ "minItems": 0,
+ "type": "array"
+ },
+ "UpdatedAt": {
+ "format": "date-time",
+ "type": "string"
+ }
+ },
+ "readOnlyProperties": [
+ "/properties/CreatedAt",
+ "/properties/DataAccessorArn",
+ "/properties/DataAccessorId",
+ "/properties/IdcApplicationArn",
+ "/properties/UpdatedAt"
+ ],
+ "required": [
+ "ApplicationId",
+ "ActionConfigurations",
+ "DisplayName",
+ "Principal"
+ ],
+ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-qbusiness",
+ "tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "qbusiness:UntagResource",
+ "qbusiness:TagResource",
+ "qbusiness:ListTagsForResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
+ "typeName": "AWS::QBusiness::DataAccessor"
+}
diff --git a/schema/aws-qbusiness-datasource.json b/schema/aws-qbusiness-datasource.json
index a2fef64..bc8a2ba 100644
--- a/schema/aws-qbusiness-datasource.json
+++ b/schema/aws-qbusiness-datasource.json
@@ -11,6 +11,25 @@
],
"type": "string"
},
+ "AudioExtractionConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "AudioExtractionStatus": {
+ "$ref": "#/definitions/AudioExtractionStatus"
+ }
+ },
+ "required": [
+ "AudioExtractionStatus"
+ ],
+ "type": "object"
+ },
+ "AudioExtractionStatus": {
+ "enum": [
+ "ENABLED",
+ "DISABLED"
+ ],
+ "type": "string"
+ },
"DataSourceStatus": {
"enum": [
"PENDING_CREATION",
@@ -231,6 +250,25 @@
},
"type": "object"
},
+ "ImageExtractionConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "ImageExtractionStatus": {
+ "$ref": "#/definitions/ImageExtractionStatus"
+ }
+ },
+ "required": [
+ "ImageExtractionStatus"
+ ],
+ "type": "object"
+ },
+ "ImageExtractionStatus": {
+ "enum": [
+ "ENABLED",
+ "DISABLED"
+ ],
+ "type": "string"
+ },
"InlineDocumentEnrichmentConfiguration": {
"additionalProperties": false,
"properties": {
@@ -246,6 +284,21 @@
},
"type": "object"
},
+ "MediaExtractionConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "AudioExtractionConfiguration": {
+ "$ref": "#/definitions/AudioExtractionConfiguration"
+ },
+ "ImageExtractionConfiguration": {
+ "$ref": "#/definitions/ImageExtractionConfiguration"
+ },
+ "VideoExtractionConfiguration": {
+ "$ref": "#/definitions/VideoExtractionConfiguration"
+ }
+ },
+ "type": "object"
+ },
"Tag": {
"additionalProperties": false,
"properties": {
@@ -265,6 +318,25 @@
"Value"
],
"type": "object"
+ },
+ "VideoExtractionConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "VideoExtractionStatus": {
+ "$ref": "#/definitions/VideoExtractionStatus"
+ }
+ },
+ "required": [
+ "VideoExtractionStatus"
+ ],
+ "type": "object"
+ },
+ "VideoExtractionStatus": {
+ "enum": [
+ "ENABLED",
+ "DISABLED"
+ ],
+ "type": "string"
}
},
"description": "Definition of AWS::QBusiness::DataSource Resource Type",
@@ -370,6 +442,9 @@
"pattern": "^[a-zA-Z0-9][a-zA-Z0-9-]{35}$",
"type": "string"
},
+ "MediaExtractionConfiguration": {
+ "$ref": "#/definitions/MediaExtractionConfiguration"
+ },
"RoleArn": {
"maxLength": 1284,
"minLength": 0,
@@ -422,6 +497,15 @@
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-qbusiness",
"tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "qbusiness:UntagResource",
+ "qbusiness:TagResource",
+ "qbusiness:ListTagsForResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
"taggable": true
},
"typeName": "AWS::QBusiness::DataSource"
diff --git a/schema/aws-qbusiness-index.json b/schema/aws-qbusiness-index.json
index bf712ab..5d4cb29 100644
--- a/schema/aws-qbusiness-index.json
+++ b/schema/aws-qbusiness-index.json
@@ -246,6 +246,15 @@
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-qbusiness",
"tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "qbusiness:UntagResource",
+ "qbusiness:TagResource",
+ "qbusiness:ListTagsForResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
"taggable": true
},
"typeName": "AWS::QBusiness::Index"
diff --git a/schema/aws-qbusiness-permission.json b/schema/aws-qbusiness-permission.json
new file mode 100644
index 0000000..ac60cbd
--- /dev/null
+++ b/schema/aws-qbusiness-permission.json
@@ -0,0 +1,91 @@
+{
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/ApplicationId",
+ "/properties/StatementId",
+ "/properties/Actions",
+ "/properties/Principal"
+ ],
+ "description": "Definition of AWS::QBusiness::Permission Resource Type",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "qbusiness:AssociatePermission",
+ "qbusiness:PutResourcePolicy"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "qbusiness:DisassociatePermission",
+ "qbusiness:PutResourcePolicy"
+ ]
+ },
+ "list": {
+ "handlerSchema": {
+ "properties": {
+ "ApplicationId": {
+ "$ref": "resource-schema.json#/properties/ApplicationId"
+ }
+ },
+ "required": [
+ "ApplicationId"
+ ]
+ },
+ "permissions": [
+ "qbusiness:GetPolicy"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "qbusiness:GetPolicy"
+ ]
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/ApplicationId",
+ "/properties/StatementId"
+ ],
+ "properties": {
+ "Actions": {
+ "items": {
+ "pattern": "^qbusiness:[a-zA-Z]+$",
+ "type": "string"
+ },
+ "maxItems": 10,
+ "minItems": 1,
+ "type": "array"
+ },
+ "ApplicationId": {
+ "maxLength": 36,
+ "minLength": 36,
+ "pattern": "^[a-zA-Z0-9][a-zA-Z0-9-]{35}$",
+ "type": "string"
+ },
+ "Principal": {
+ "maxLength": 1284,
+ "minLength": 1,
+ "pattern": "^arn:aws:iam::[0-9]{12}:role/[a-zA-Z0-9_/+=,.@-]+$",
+ "type": "string"
+ },
+ "StatementId": {
+ "maxLength": 100,
+ "minLength": 1,
+ "pattern": "^[a-zA-Z0-9_-]+$",
+ "type": "string"
+ }
+ },
+ "required": [
+ "ApplicationId",
+ "StatementId",
+ "Actions",
+ "Principal"
+ ],
+ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-qbusiness",
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "tagOnCreate": false,
+ "tagUpdatable": false,
+ "taggable": false
+ },
+ "typeName": "AWS::QBusiness::Permission"
+}
diff --git a/schema/aws-qbusiness-plugin.json b/schema/aws-qbusiness-plugin.json
index 215c92b..224581b 100644
--- a/schema/aws-qbusiness-plugin.json
+++ b/schema/aws-qbusiness-plugin.json
@@ -92,6 +92,12 @@
"OAuth2ClientCredentialConfiguration": {
"additionalProperties": false,
"properties": {
+ "AuthorizationUrl": {
+ "maxLength": 2048,
+ "minLength": 1,
+ "pattern": "^(https?|ftp|file)://([^\\s]*)$",
+ "type": "string"
+ },
"RoleArn": {
"maxLength": 1284,
"minLength": 0,
@@ -103,6 +109,12 @@
"minLength": 0,
"pattern": "^arn:[a-z0-9-\\.]{1,63}:[a-z0-9-\\.]{0,63}:[a-z0-9-\\.]{0,63}:[a-z0-9-\\.]{0,63}:[^/].{0,1023}$",
"type": "string"
+ },
+ "TokenUrl": {
+ "maxLength": 2048,
+ "minLength": 1,
+ "pattern": "^(https?|ftp|file)://([^\\s]*)$",
+ "type": "string"
}
},
"required": [
@@ -179,7 +191,19 @@
"SALESFORCE",
"JIRA",
"ZENDESK",
- "CUSTOM"
+ "CUSTOM",
+ "QUICKSIGHT",
+ "SERVICENOW_NOW_PLATFORM",
+ "JIRA_CLOUD",
+ "SALESFORCE_CRM",
+ "ZENDESK_SUITE",
+ "ATLASSIAN_CONFLUENCE",
+ "GOOGLE_CALENDAR",
+ "MICROSOFT_TEAMS",
+ "MICROSOFT_EXCHANGE",
+ "PAGERDUTY_ADVANCE",
+ "SMARTSHEET",
+ "ASANA"
],
"type": "string"
},
@@ -233,8 +257,7 @@
"qbusiness:CreatePlugin",
"qbusiness:GetPlugin",
"qbusiness:ListTagsForResource",
- "qbusiness:TagResource",
- "qbusiness:UpdatePlugin"
+ "qbusiness:TagResource"
]
},
"delete": {
@@ -327,7 +350,6 @@
"$ref": "#/definitions/PluginState"
},
"Tags": {
- "insertionOrder": false,
"items": {
"$ref": "#/definitions/Tag"
},
@@ -351,13 +373,21 @@
"/properties/UpdatedAt"
],
"required": [
- "ApplicationId",
"AuthConfiguration",
"DisplayName",
"Type"
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-qbusiness",
"tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "qbusiness:UntagResource",
+ "qbusiness:TagResource",
+ "qbusiness:ListTagsForResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
"taggable": true
},
"typeName": "AWS::QBusiness::Plugin"
diff --git a/schema/aws-qbusiness-retriever.json b/schema/aws-qbusiness-retriever.json
index d2dfb5d..a45d2a5 100644
--- a/schema/aws-qbusiness-retriever.json
+++ b/schema/aws-qbusiness-retriever.json
@@ -227,6 +227,15 @@
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-qbusiness",
"tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "qbusiness:UntagResource",
+ "qbusiness:TagResource",
+ "qbusiness:ListTagsForResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
"taggable": true
},
"typeName": "AWS::QBusiness::Retriever"
diff --git a/schema/aws-qbusiness-webexperience.json b/schema/aws-qbusiness-webexperience.json
index a83fe2d..af1aedb 100644
--- a/schema/aws-qbusiness-webexperience.json
+++ b/schema/aws-qbusiness-webexperience.json
@@ -4,6 +4,135 @@
"/properties/ApplicationId"
],
"definitions": {
+ "BrowserExtension": {
+ "enum": [
+ "FIREFOX",
+ "CHROME"
+ ],
+ "type": "string"
+ },
+ "BrowserExtensionConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "EnabledBrowserExtensions": {
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/BrowserExtension"
+ },
+ "maxItems": 2,
+ "minItems": 0,
+ "type": "array",
+ "uniqueItems": true
+ }
+ },
+ "required": [
+ "EnabledBrowserExtensions"
+ ],
+ "type": "object"
+ },
+ "CustomizationConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "CustomCSSUrl": {
+ "maxLength": 1284,
+ "minLength": 0,
+ "pattern": "^(https?://[a-zA-Z0-9-_.+%/]+\\.css)?$",
+ "type": "string"
+ },
+ "FaviconUrl": {
+ "maxLength": 1284,
+ "minLength": 0,
+ "pattern": "^(https?://[a-zA-Z0-9-_.+%/]+\\.(svg|ico))?$",
+ "type": "string"
+ },
+ "FontUrl": {
+ "maxLength": 1284,
+ "minLength": 0,
+ "pattern": "^(https?://[a-zA-Z0-9-_.+%/]+\\.(ttf|woff|woff2|otf))?$",
+ "type": "string"
+ },
+ "LogoUrl": {
+ "maxLength": 1284,
+ "minLength": 0,
+ "pattern": "^(https?://[a-zA-Z0-9-_.+%/]+\\.(svg|png))?$",
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "IdentityProviderConfiguration": {
+ "oneOf": [
+ {
+ "additionalProperties": false,
+ "properties": {
+ "SamlConfiguration": {
+ "$ref": "#/definitions/SamlProviderConfiguration"
+ }
+ },
+ "required": [
+ "SamlConfiguration"
+ ],
+ "title": "SamlConfiguration",
+ "type": "object"
+ },
+ {
+ "additionalProperties": false,
+ "properties": {
+ "OpenIDConnectConfiguration": {
+ "$ref": "#/definitions/OpenIDConnectProviderConfiguration"
+ }
+ },
+ "required": [
+ "OpenIDConnectConfiguration"
+ ],
+ "title": "OpenIDConnectConfiguration",
+ "type": "object"
+ }
+ ]
+ },
+ "OpenIDConnectProviderConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "SecretsArn": {
+ "maxLength": 1284,
+ "minLength": 0,
+ "pattern": "^arn:[a-z0-9-\\.]{1,63}:[a-z0-9-\\.]{0,63}:[a-z0-9-\\.]{0,63}:[a-z0-9-\\.]{0,63}:[^/].{0,1023}$",
+ "type": "string"
+ },
+ "SecretsRole": {
+ "maxLength": 1284,
+ "minLength": 0,
+ "pattern": "^arn:[a-z0-9-\\.]{1,63}:[a-z0-9-\\.]{0,63}:[a-z0-9-\\.]{0,63}:[a-z0-9-\\.]{0,63}:[^/].{0,1023}$",
+ "type": "string"
+ }
+ },
+ "required": [
+ "SecretsArn",
+ "SecretsRole"
+ ],
+ "type": "object"
+ },
+ "Origin": {
+ "maxLength": 64,
+ "minLength": 1,
+ "pattern": "^(http:\\/\\/|https:\\/\\/)[a-zA-Z0-9-_.]+(?::[0-9]{1,5})?$",
+ "type": "string"
+ },
+ "SamlProviderConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "AuthenticationUrl": {
+ "maxLength": 1284,
+ "minLength": 1,
+ "pattern": "^https://.*$",
+ "type": "string"
+ }
+ },
+ "required": [
+ "AuthenticationUrl"
+ ],
+ "type": "object"
+ },
"Tag": {
"additionalProperties": false,
"properties": {
@@ -106,16 +235,34 @@
"pattern": "^[a-zA-Z0-9][a-zA-Z0-9-]{35}$",
"type": "string"
},
+ "BrowserExtensionConfiguration": {
+ "$ref": "#/definitions/BrowserExtensionConfiguration"
+ },
"CreatedAt": {
"format": "date-time",
"type": "string"
},
+ "CustomizationConfiguration": {
+ "$ref": "#/definitions/CustomizationConfiguration"
+ },
"DefaultEndpoint": {
"maxLength": 2048,
"minLength": 1,
"pattern": "^(https?|ftp|file)://([^\\s]*)$",
"type": "string"
},
+ "IdentityProviderConfiguration": {
+ "$ref": "#/definitions/IdentityProviderConfiguration"
+ },
+ "Origins": {
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/Origin"
+ },
+ "maxItems": 10,
+ "minItems": 0,
+ "type": "array"
+ },
"RoleArn": {
"maxLength": 1284,
"minLength": 0,
@@ -184,6 +331,15 @@
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-qbusiness",
"tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "qbusiness:UntagResource",
+ "qbusiness:TagResource",
+ "qbusiness:ListTagsForResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
"taggable": true
},
"typeName": "AWS::QBusiness::WebExperience"
diff --git a/schema/aws-qldb-stream.json b/schema/aws-qldb-stream.json
index eff3eb4..03c7a62 100644
--- a/schema/aws-qldb-stream.json
+++ b/schema/aws-qldb-stream.json
@@ -66,6 +66,16 @@
]
},
"list": {
+ "handlerSchema": {
+ "properties": {
+ "LedgerName": {
+ "type": "string"
+ }
+ },
+ "required": [
+ "LedgerName"
+ ]
+ },
"permissions": [
"qldb:listJournalKinesisStreamsForLedger"
]
diff --git a/schema/aws-quicksight-analysis.json b/schema/aws-quicksight-analysis.json
index af1cdca..2a8a678 100644
--- a/schema/aws-quicksight-analysis.json
+++ b/schema/aws-quicksight-analysis.json
@@ -107,6 +107,9 @@
"minItems": 0,
"type": "array"
},
+ "QueryExecutionOptions": {
+ "$ref": "#/definitions/QueryExecutionOptions"
+ },
"Sheets": {
"items": {
"$ref": "#/definitions/SheetDefinition"
@@ -114,6 +117,14 @@
"maxItems": 20,
"minItems": 0,
"type": "array"
+ },
+ "StaticFiles": {
+ "items": {
+ "$ref": "#/definitions/StaticFile"
+ },
+ "maxItems": 200,
+ "minItems": 0,
+ "type": "array"
}
},
"required": [
@@ -527,6 +538,9 @@
"FieldWells": {
"$ref": "#/definitions/BarChartFieldWells"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"Legend": {
"$ref": "#/definitions/LegendOptions"
},
@@ -645,6 +659,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -708,6 +727,9 @@
"PageBreakConfiguration": {
"$ref": "#/definitions/SectionPageBreakConfiguration"
},
+ "RepeatConfiguration": {
+ "$ref": "#/definitions/BodySectionRepeatConfiguration"
+ },
"SectionId": {
"maxLength": 512,
"minLength": 1,
@@ -733,6 +755,105 @@
},
"type": "object"
},
+ "BodySectionDynamicCategoryDimensionConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "Column": {
+ "$ref": "#/definitions/ColumnIdentifier"
+ },
+ "Limit": {
+ "maximum": 1000,
+ "minimum": 1,
+ "type": "number"
+ },
+ "SortByMetrics": {
+ "items": {
+ "$ref": "#/definitions/ColumnSort"
+ },
+ "maxItems": 100,
+ "minItems": 0,
+ "type": "array"
+ }
+ },
+ "required": [
+ "Column"
+ ],
+ "type": "object"
+ },
+ "BodySectionDynamicNumericDimensionConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "Column": {
+ "$ref": "#/definitions/ColumnIdentifier"
+ },
+ "Limit": {
+ "maximum": 1000,
+ "minimum": 1,
+ "type": "number"
+ },
+ "SortByMetrics": {
+ "items": {
+ "$ref": "#/definitions/ColumnSort"
+ },
+ "maxItems": 100,
+ "minItems": 0,
+ "type": "array"
+ }
+ },
+ "required": [
+ "Column"
+ ],
+ "type": "object"
+ },
+ "BodySectionRepeatConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "DimensionConfigurations": {
+ "items": {
+ "$ref": "#/definitions/BodySectionRepeatDimensionConfiguration"
+ },
+ "maxItems": 3,
+ "minItems": 0,
+ "type": "array"
+ },
+ "NonRepeatingVisuals": {
+ "items": {
+ "maxLength": 512,
+ "minLength": 1,
+ "pattern": "^[\\w\\-]+$",
+ "type": "string"
+ },
+ "maxItems": 20,
+ "minItems": 0,
+ "type": "array"
+ },
+ "PageBreakConfiguration": {
+ "$ref": "#/definitions/BodySectionRepeatPageBreakConfiguration"
+ }
+ },
+ "type": "object"
+ },
+ "BodySectionRepeatDimensionConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "DynamicCategoryDimensionConfiguration": {
+ "$ref": "#/definitions/BodySectionDynamicCategoryDimensionConfiguration"
+ },
+ "DynamicNumericDimensionConfiguration": {
+ "$ref": "#/definitions/BodySectionDynamicNumericDimensionConfiguration"
+ }
+ },
+ "type": "object"
+ },
+ "BodySectionRepeatPageBreakConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "After": {
+ "$ref": "#/definitions/SectionAfterPageBreak"
+ }
+ },
+ "type": "object"
+ },
"BoxPlotAggregatedFieldWells": {
"additionalProperties": false,
"properties": {
@@ -770,6 +891,9 @@
"FieldWells": {
"$ref": "#/definitions/BoxPlotFieldWells"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"Legend": {
"$ref": "#/definitions/LegendOptions"
},
@@ -884,6 +1008,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -1106,6 +1235,25 @@
],
"type": "string"
},
+ "CategoryInnerFilter": {
+ "additionalProperties": false,
+ "properties": {
+ "Column": {
+ "$ref": "#/definitions/ColumnIdentifier"
+ },
+ "Configuration": {
+ "$ref": "#/definitions/CategoryFilterConfiguration"
+ },
+ "DefaultFilterControlConfiguration": {
+ "$ref": "#/definitions/DefaultFilterControlConfiguration"
+ }
+ },
+ "required": [
+ "Column",
+ "Configuration"
+ ],
+ "type": "object"
+ },
"ChartAxisLabelOptions": {
"additionalProperties": false,
"properties": {
@@ -1283,6 +1431,9 @@
"Label": {
"type": "string"
},
+ "TooltipTarget": {
+ "$ref": "#/definitions/TooltipTarget"
+ },
"Visibility": {
"$ref": "#/definitions/Visibility"
}
@@ -1351,6 +1502,9 @@
"FieldWells": {
"$ref": "#/definitions/ComboChartFieldWells"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"Legend": {
"$ref": "#/definitions/LegendOptions"
},
@@ -1377,6 +1531,9 @@
"SecondaryYAxisLabelOptions": {
"$ref": "#/definitions/ChartAxisLabelOptions"
},
+ "SingleAxisOptions": {
+ "$ref": "#/definitions/SingleAxisOptions"
+ },
"SortConfiguration": {
"$ref": "#/definitions/ComboChartSortConfiguration"
},
@@ -1454,6 +1611,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -1466,6 +1628,13 @@
],
"type": "object"
},
+ "CommitMode": {
+ "enum": [
+ "AUTO",
+ "MANUAL"
+ ],
+ "type": "string"
+ },
"ComparisonConfiguration": {
"additionalProperties": false,
"properties": {
@@ -1680,6 +1849,15 @@
],
"type": "object"
},
+ "ContextMenuOption": {
+ "additionalProperties": false,
+ "properties": {
+ "AvailabilityStatus": {
+ "$ref": "#/definitions/DashboardBehavior"
+ }
+ },
+ "type": "object"
+ },
"ContributionAnalysisDefault": {
"additionalProperties": false,
"properties": {
@@ -1839,6 +2017,9 @@
},
"ImageScaling": {
"$ref": "#/definitions/CustomContentImageScalingConfiguration"
+ },
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
}
},
"type": "object"
@@ -1884,6 +2065,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -2024,6 +2210,13 @@
],
"type": "object"
},
+ "DashboardBehavior": {
+ "enum": [
+ "ENABLED",
+ "DISABLED"
+ ],
+ "type": "string"
+ },
"DataBarsOptions": {
"additionalProperties": false,
"properties": {
@@ -2488,11 +2681,17 @@
"DateTimePickerControlDisplayOptions": {
"additionalProperties": false,
"properties": {
+ "DateIconVisibility": {
+ "$ref": "#/definitions/Visibility"
+ },
"DateTimeFormat": {
"maxLength": 128,
"minLength": 1,
"type": "string"
},
+ "HelperTextVisibility": {
+ "$ref": "#/definitions/Visibility"
+ },
"InfoIconLabelOptions": {
"$ref": "#/definitions/SheetControlInfoIconLabelOptions"
},
@@ -2631,6 +2830,9 @@
"DefaultDateTimePickerControlOptions": {
"additionalProperties": false,
"properties": {
+ "CommitMode": {
+ "$ref": "#/definitions/CommitMode"
+ },
"DisplayOptions": {
"$ref": "#/definitions/DateTimePickerControlDisplayOptions"
},
@@ -2688,6 +2890,9 @@
"DefaultFilterDropDownControlOptions": {
"additionalProperties": false,
"properties": {
+ "CommitMode": {
+ "$ref": "#/definitions/CommitMode"
+ },
"DisplayOptions": {
"$ref": "#/definitions/DropDownControlDisplayOptions"
},
@@ -2778,6 +2983,9 @@
"DefaultRelativeDateTimeControlOptions": {
"additionalProperties": false,
"properties": {
+ "CommitMode": {
+ "$ref": "#/definitions/CommitMode"
+ },
"DisplayOptions": {
"$ref": "#/definitions/RelativeDateTimeControlDisplayOptions"
}
@@ -2871,6 +3079,13 @@
},
"type": "object"
},
+ "DigitGroupingStyle": {
+ "enum": [
+ "DEFAULT",
+ "LAKHS"
+ ],
+ "type": "string"
+ },
"DimensionField": {
"additionalProperties": false,
"properties": {
@@ -3141,6 +3356,9 @@
"Label": {
"type": "string"
},
+ "TooltipTarget": {
+ "$ref": "#/definitions/TooltipTarget"
+ },
"Visibility": {
"$ref": "#/definitions/Visibility"
}
@@ -3207,6 +3425,9 @@
"FieldWells": {
"$ref": "#/definitions/FilledMapFieldWells"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"Legend": {
"$ref": "#/definitions/LegendOptions"
},
@@ -3296,6 +3517,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -3314,6 +3540,9 @@
"CategoryFilter": {
"$ref": "#/definitions/CategoryFilter"
},
+ "NestedFilter": {
+ "$ref": "#/definitions/NestedFilter"
+ },
"NumericEqualityFilter": {
"$ref": "#/definitions/NumericEqualityFilter"
},
@@ -3393,6 +3622,9 @@
"FilterDateTimePickerControl": {
"additionalProperties": false,
"properties": {
+ "CommitMode": {
+ "$ref": "#/definitions/CommitMode"
+ },
"DisplayOptions": {
"$ref": "#/definitions/DateTimePickerControlDisplayOptions"
},
@@ -3430,6 +3662,9 @@
"CascadingControlConfiguration": {
"$ref": "#/definitions/CascadingControlConfiguration"
},
+ "CommitMode": {
+ "$ref": "#/definitions/CommitMode"
+ },
"DisplayOptions": {
"$ref": "#/definitions/DropDownControlDisplayOptions"
},
@@ -3615,6 +3850,9 @@
"FilterRelativeDateTimeControl": {
"additionalProperties": false,
"properties": {
+ "CommitMode": {
+ "$ref": "#/definitions/CommitMode"
+ },
"DisplayOptions": {
"$ref": "#/definitions/RelativeDateTimeControlDisplayOptions"
},
@@ -3802,6 +4040,9 @@
"FontDecoration": {
"$ref": "#/definitions/FontDecoration"
},
+ "FontFamily": {
+ "type": "string"
+ },
"FontSize": {
"$ref": "#/definitions/FontSize"
},
@@ -3824,6 +4065,10 @@
"FontSize": {
"additionalProperties": false,
"properties": {
+ "Absolute": {
+ "description": "String based length that is composed of value and unit in px",
+ "type": "string"
+ },
"Relative": {
"$ref": "#/definitions/RelativeFontSize"
}
@@ -4136,6 +4381,9 @@
"FieldWells": {
"$ref": "#/definitions/FunnelChartFieldWells"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"SortConfiguration": {
"$ref": "#/definitions/FunnelChartSortConfiguration"
},
@@ -4243,6 +4491,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -4264,6 +4517,20 @@
},
"type": "object"
},
+ "GaugeChartColorConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "BackgroundColor": {
+ "pattern": "^#[A-F0-9]{6}$",
+ "type": "string"
+ },
+ "ForegroundColor": {
+ "pattern": "^#[A-F0-9]{6}$",
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
"GaugeChartConditionalFormatting": {
"additionalProperties": false,
"properties": {
@@ -4293,6 +4560,9 @@
"GaugeChartConfiguration": {
"additionalProperties": false,
"properties": {
+ "ColorConfiguration": {
+ "$ref": "#/definitions/GaugeChartColorConfiguration"
+ },
"DataLabels": {
"$ref": "#/definitions/DataLabelOptions"
},
@@ -4302,6 +4572,9 @@
"GaugeChartOptions": {
"$ref": "#/definitions/GaugeChartOptions"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"TooltipOptions": {
"$ref": "#/definitions/TooltipOptions"
},
@@ -4389,6 +4662,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -4401,74 +4679,391 @@
],
"type": "object"
},
- "GeospatialCoordinateBounds": {
+ "GeospatialCategoricalColor": {
"additionalProperties": false,
"properties": {
- "East": {
- "maximum": 1800,
- "minimum": -1800,
- "type": "number"
+ "CategoryDataColors": {
+ "items": {
+ "$ref": "#/definitions/GeospatialCategoricalDataColor"
+ },
+ "type": "array"
},
- "North": {
- "maximum": 90,
- "minimum": -90,
+ "DefaultOpacity": {
+ "maximum": 1,
+ "minimum": 0,
"type": "number"
},
- "South": {
- "maximum": 90,
- "minimum": -90,
- "type": "number"
+ "NullDataSettings": {
+ "$ref": "#/definitions/GeospatialNullDataSettings"
},
- "West": {
- "maximum": 1800,
- "minimum": -1800,
- "type": "number"
+ "NullDataVisibility": {
+ "$ref": "#/definitions/Visibility"
}
},
"required": [
- "East",
- "North",
- "South",
- "West"
+ "CategoryDataColors"
],
"type": "object"
},
- "GeospatialHeatmapColorScale": {
+ "GeospatialCategoricalDataColor": {
"additionalProperties": false,
"properties": {
- "Colors": {
- "items": {
- "$ref": "#/definitions/GeospatialHeatmapDataColor"
- },
- "maxItems": 2,
- "minItems": 2,
- "type": "array"
+ "Color": {
+ "pattern": "^#[A-F0-9]{6}(?:[A-F0-9]{2})?$",
+ "type": "string"
+ },
+ "DataValue": {
+ "type": "string"
}
},
+ "required": [
+ "Color",
+ "DataValue"
+ ],
"type": "object"
},
- "GeospatialHeatmapConfiguration": {
+ "GeospatialCircleRadius": {
"additionalProperties": false,
"properties": {
- "HeatmapColor": {
- "$ref": "#/definitions/GeospatialHeatmapColorScale"
+ "Radius": {
+ "minimum": 0,
+ "type": "number"
}
},
"type": "object"
},
- "GeospatialHeatmapDataColor": {
+ "GeospatialCircleSymbolStyle": {
"additionalProperties": false,
"properties": {
- "Color": {
- "pattern": "^#[A-F0-9]{6}$",
- "type": "string"
+ "CircleRadius": {
+ "$ref": "#/definitions/GeospatialCircleRadius"
+ },
+ "FillColor": {
+ "$ref": "#/definitions/GeospatialColor"
+ },
+ "StrokeColor": {
+ "$ref": "#/definitions/GeospatialColor"
+ },
+ "StrokeWidth": {
+ "$ref": "#/definitions/GeospatialLineWidth"
}
},
- "required": [
- "Color"
+ "type": "object"
+ },
+ "GeospatialColor": {
+ "additionalProperties": false,
+ "properties": {
+ "Categorical": {
+ "$ref": "#/definitions/GeospatialCategoricalColor"
+ },
+ "Gradient": {
+ "$ref": "#/definitions/GeospatialGradientColor"
+ },
+ "Solid": {
+ "$ref": "#/definitions/GeospatialSolidColor"
+ }
+ },
+ "type": "object"
+ },
+ "GeospatialColorState": {
+ "description": "Defines view state of the color",
+ "enum": [
+ "ENABLED",
+ "DISABLED"
+ ],
+ "type": "string"
+ },
+ "GeospatialCoordinateBounds": {
+ "additionalProperties": false,
+ "properties": {
+ "East": {
+ "maximum": 1800,
+ "minimum": -1800,
+ "type": "number"
+ },
+ "North": {
+ "maximum": 90,
+ "minimum": -90,
+ "type": "number"
+ },
+ "South": {
+ "maximum": 90,
+ "minimum": -90,
+ "type": "number"
+ },
+ "West": {
+ "maximum": 1800,
+ "minimum": -1800,
+ "type": "number"
+ }
+ },
+ "required": [
+ "East",
+ "North",
+ "South",
+ "West"
+ ],
+ "type": "object"
+ },
+ "GeospatialDataSourceItem": {
+ "additionalProperties": false,
+ "properties": {
+ "StaticFileDataSource": {
+ "$ref": "#/definitions/GeospatialStaticFileSource"
+ }
+ },
+ "type": "object"
+ },
+ "GeospatialGradientColor": {
+ "additionalProperties": false,
+ "properties": {
+ "DefaultOpacity": {
+ "maximum": 1,
+ "minimum": 0,
+ "type": "number"
+ },
+ "NullDataSettings": {
+ "$ref": "#/definitions/GeospatialNullDataSettings"
+ },
+ "NullDataVisibility": {
+ "$ref": "#/definitions/Visibility"
+ },
+ "StepColors": {
+ "items": {
+ "$ref": "#/definitions/GeospatialGradientStepColor"
+ },
+ "maxItems": 3,
+ "minItems": 2,
+ "type": "array"
+ }
+ },
+ "required": [
+ "StepColors"
+ ],
+ "type": "object"
+ },
+ "GeospatialGradientStepColor": {
+ "additionalProperties": false,
+ "properties": {
+ "Color": {
+ "pattern": "^#[A-F0-9]{6}(?:[A-F0-9]{2})?$",
+ "type": "string"
+ },
+ "DataValue": {
+ "default": 0,
+ "type": "number"
+ }
+ },
+ "required": [
+ "Color",
+ "DataValue"
+ ],
+ "type": "object"
+ },
+ "GeospatialHeatmapColorScale": {
+ "additionalProperties": false,
+ "properties": {
+ "Colors": {
+ "items": {
+ "$ref": "#/definitions/GeospatialHeatmapDataColor"
+ },
+ "maxItems": 2,
+ "minItems": 2,
+ "type": "array"
+ }
+ },
+ "type": "object"
+ },
+ "GeospatialHeatmapConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "HeatmapColor": {
+ "$ref": "#/definitions/GeospatialHeatmapColorScale"
+ }
+ },
+ "type": "object"
+ },
+ "GeospatialHeatmapDataColor": {
+ "additionalProperties": false,
+ "properties": {
+ "Color": {
+ "pattern": "^#[A-F0-9]{6}$",
+ "type": "string"
+ }
+ },
+ "required": [
+ "Color"
+ ],
+ "type": "object"
+ },
+ "GeospatialLayerColorField": {
+ "additionalProperties": false,
+ "properties": {
+ "ColorDimensionsFields": {
+ "items": {
+ "$ref": "#/definitions/DimensionField"
+ },
+ "maxItems": 1,
+ "minItems": 0,
+ "type": "array"
+ },
+ "ColorValuesFields": {
+ "items": {
+ "$ref": "#/definitions/MeasureField"
+ },
+ "maxItems": 1,
+ "minItems": 0,
+ "type": "array"
+ }
+ },
+ "type": "object"
+ },
+ "GeospatialLayerDefinition": {
+ "additionalProperties": false,
+ "properties": {
+ "LineLayer": {
+ "$ref": "#/definitions/GeospatialLineLayer"
+ },
+ "PointLayer": {
+ "$ref": "#/definitions/GeospatialPointLayer"
+ },
+ "PolygonLayer": {
+ "$ref": "#/definitions/GeospatialPolygonLayer"
+ }
+ },
+ "type": "object"
+ },
+ "GeospatialLayerItem": {
+ "additionalProperties": false,
+ "properties": {
+ "Actions": {
+ "items": {
+ "$ref": "#/definitions/LayerCustomAction"
+ },
+ "maxItems": 10,
+ "minItems": 0,
+ "type": "array"
+ },
+ "DataSource": {
+ "$ref": "#/definitions/GeospatialDataSourceItem"
+ },
+ "JoinDefinition": {
+ "$ref": "#/definitions/GeospatialLayerJoinDefinition"
+ },
+ "Label": {
+ "type": "string"
+ },
+ "LayerDefinition": {
+ "$ref": "#/definitions/GeospatialLayerDefinition"
+ },
+ "LayerId": {
+ "type": "string"
+ },
+ "LayerType": {
+ "$ref": "#/definitions/GeospatialLayerType"
+ },
+ "Tooltip": {
+ "$ref": "#/definitions/TooltipOptions"
+ },
+ "Visibility": {
+ "$ref": "#/definitions/Visibility"
+ }
+ },
+ "required": [
+ "LayerId"
],
"type": "object"
},
+ "GeospatialLayerJoinDefinition": {
+ "additionalProperties": false,
+ "properties": {
+ "ColorField": {
+ "$ref": "#/definitions/GeospatialLayerColorField"
+ },
+ "DatasetKeyField": {
+ "$ref": "#/definitions/UnaggregatedField"
+ },
+ "ShapeKeyField": {
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "GeospatialLayerMapConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
+ "Legend": {
+ "$ref": "#/definitions/LegendOptions"
+ },
+ "MapLayers": {
+ "items": {
+ "$ref": "#/definitions/GeospatialLayerItem"
+ },
+ "type": "array"
+ },
+ "MapState": {
+ "$ref": "#/definitions/GeospatialMapState"
+ },
+ "MapStyle": {
+ "$ref": "#/definitions/GeospatialMapStyle"
+ }
+ },
+ "type": "object"
+ },
+ "GeospatialLayerType": {
+ "enum": [
+ "POINT",
+ "LINE",
+ "POLYGON"
+ ],
+ "type": "string"
+ },
+ "GeospatialLineLayer": {
+ "additionalProperties": false,
+ "properties": {
+ "Style": {
+ "$ref": "#/definitions/GeospatialLineStyle"
+ }
+ },
+ "required": [
+ "Style"
+ ],
+ "type": "object"
+ },
+ "GeospatialLineStyle": {
+ "additionalProperties": false,
+ "properties": {
+ "LineSymbolStyle": {
+ "$ref": "#/definitions/GeospatialLineSymbolStyle"
+ }
+ },
+ "type": "object"
+ },
+ "GeospatialLineSymbolStyle": {
+ "additionalProperties": false,
+ "properties": {
+ "FillColor": {
+ "$ref": "#/definitions/GeospatialColor"
+ },
+ "LineWidth": {
+ "$ref": "#/definitions/GeospatialLineWidth"
+ }
+ },
+ "type": "object"
+ },
+ "GeospatialLineWidth": {
+ "additionalProperties": false,
+ "properties": {
+ "LineWidth": {
+ "minimum": 0,
+ "type": "number"
+ }
+ },
+ "type": "object"
+ },
"GeospatialMapAggregatedFieldWells": {
"additionalProperties": false,
"properties": {
@@ -4505,6 +5100,9 @@
"FieldWells": {
"$ref": "#/definitions/GeospatialMapFieldWells"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"Legend": {
"$ref": "#/definitions/LegendOptions"
},
@@ -4535,6 +5133,41 @@
},
"type": "object"
},
+ "GeospatialMapNavigation": {
+ "enum": [
+ "ENABLED",
+ "DISABLED"
+ ],
+ "type": "string"
+ },
+ "GeospatialMapState": {
+ "additionalProperties": false,
+ "properties": {
+ "Bounds": {
+ "$ref": "#/definitions/GeospatialCoordinateBounds"
+ },
+ "MapNavigation": {
+ "$ref": "#/definitions/GeospatialMapNavigation"
+ }
+ },
+ "type": "object"
+ },
+ "GeospatialMapStyle": {
+ "additionalProperties": false,
+ "properties": {
+ "BackgroundColor": {
+ "pattern": "^#[A-F0-9]{6}(?:[A-F0-9]{2})?$",
+ "type": "string"
+ },
+ "BaseMapStyle": {
+ "$ref": "#/definitions/BaseMapStyleType"
+ },
+ "BaseMapVisibility": {
+ "$ref": "#/definitions/Visibility"
+ }
+ },
+ "type": "object"
+ },
"GeospatialMapStyleOptions": {
"additionalProperties": false,
"properties": {
@@ -4572,6 +5205,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -4584,6 +5222,57 @@
],
"type": "object"
},
+ "GeospatialNullDataSettings": {
+ "additionalProperties": false,
+ "properties": {
+ "SymbolStyle": {
+ "$ref": "#/definitions/GeospatialNullSymbolStyle"
+ }
+ },
+ "required": [
+ "SymbolStyle"
+ ],
+ "type": "object"
+ },
+ "GeospatialNullSymbolStyle": {
+ "additionalProperties": false,
+ "properties": {
+ "FillColor": {
+ "pattern": "^#[A-F0-9]{6}(?:[A-F0-9]{2})?$",
+ "type": "string"
+ },
+ "StrokeColor": {
+ "pattern": "^#[A-F0-9]{6}(?:[A-F0-9]{2})?$",
+ "type": "string"
+ },
+ "StrokeWidth": {
+ "minimum": 0,
+ "type": "number"
+ }
+ },
+ "type": "object"
+ },
+ "GeospatialPointLayer": {
+ "additionalProperties": false,
+ "properties": {
+ "Style": {
+ "$ref": "#/definitions/GeospatialPointStyle"
+ }
+ },
+ "required": [
+ "Style"
+ ],
+ "type": "object"
+ },
+ "GeospatialPointStyle": {
+ "additionalProperties": false,
+ "properties": {
+ "CircleSymbolStyle": {
+ "$ref": "#/definitions/GeospatialCircleSymbolStyle"
+ }
+ },
+ "type": "object"
+ },
"GeospatialPointStyleOptions": {
"additionalProperties": false,
"properties": {
@@ -4599,13 +5288,81 @@
},
"type": "object"
},
+ "GeospatialPolygonLayer": {
+ "additionalProperties": false,
+ "properties": {
+ "Style": {
+ "$ref": "#/definitions/GeospatialPolygonStyle"
+ }
+ },
+ "required": [
+ "Style"
+ ],
+ "type": "object"
+ },
+ "GeospatialPolygonStyle": {
+ "additionalProperties": false,
+ "properties": {
+ "PolygonSymbolStyle": {
+ "$ref": "#/definitions/GeospatialPolygonSymbolStyle"
+ }
+ },
+ "type": "object"
+ },
+ "GeospatialPolygonSymbolStyle": {
+ "additionalProperties": false,
+ "properties": {
+ "FillColor": {
+ "$ref": "#/definitions/GeospatialColor"
+ },
+ "StrokeColor": {
+ "$ref": "#/definitions/GeospatialColor"
+ },
+ "StrokeWidth": {
+ "$ref": "#/definitions/GeospatialLineWidth"
+ }
+ },
+ "type": "object"
+ },
"GeospatialSelectedPointStyle": {
"enum": [
"POINT",
"CLUSTER",
"HEATMAP"
],
- "type": "string"
+ "type": "string"
+ },
+ "GeospatialSolidColor": {
+ "additionalProperties": false,
+ "description": "Describes the properties for a solid color",
+ "properties": {
+ "Color": {
+ "pattern": "^#[A-F0-9]{6}(?:[A-F0-9]{2})?$",
+ "type": "string"
+ },
+ "State": {
+ "$ref": "#/definitions/GeospatialColorState"
+ }
+ },
+ "required": [
+ "Color"
+ ],
+ "type": "object"
+ },
+ "GeospatialStaticFileSource": {
+ "additionalProperties": false,
+ "properties": {
+ "StaticFileId": {
+ "maxLength": 512,
+ "minLength": 1,
+ "pattern": "^[\\w\\-]+$",
+ "type": "string"
+ }
+ },
+ "required": [
+ "StaticFileId"
+ ],
+ "type": "object"
},
"GeospatialWindowOptions": {
"additionalProperties": false,
@@ -4849,6 +5606,9 @@
"FieldWells": {
"$ref": "#/definitions/HeatMapFieldWells"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"Legend": {
"$ref": "#/definitions/LegendOptions"
},
@@ -4929,6 +5689,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -4993,6 +5758,9 @@
"FieldWells": {
"$ref": "#/definitions/HistogramFieldWells"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"Tooltip": {
"$ref": "#/definitions/TooltipOptions"
},
@@ -5040,6 +5808,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -5092,6 +5865,110 @@
],
"type": "string"
},
+ "ImageCustomAction": {
+ "additionalProperties": false,
+ "properties": {
+ "ActionOperations": {
+ "items": {
+ "$ref": "#/definitions/ImageCustomActionOperation"
+ },
+ "maxItems": 2,
+ "minItems": 1,
+ "type": "array"
+ },
+ "CustomActionId": {
+ "maxLength": 512,
+ "minLength": 1,
+ "pattern": "^[\\w\\-]+$",
+ "type": "string"
+ },
+ "Name": {
+ "maxLength": 256,
+ "minLength": 1,
+ "type": "string"
+ },
+ "Status": {
+ "$ref": "#/definitions/WidgetStatus"
+ },
+ "Trigger": {
+ "$ref": "#/definitions/ImageCustomActionTrigger"
+ }
+ },
+ "required": [
+ "ActionOperations",
+ "CustomActionId",
+ "Name",
+ "Trigger"
+ ],
+ "type": "object"
+ },
+ "ImageCustomActionOperation": {
+ "additionalProperties": false,
+ "properties": {
+ "NavigationOperation": {
+ "$ref": "#/definitions/CustomActionNavigationOperation"
+ },
+ "SetParametersOperation": {
+ "$ref": "#/definitions/CustomActionSetParametersOperation"
+ },
+ "URLOperation": {
+ "$ref": "#/definitions/CustomActionURLOperation"
+ }
+ },
+ "type": "object"
+ },
+ "ImageCustomActionTrigger": {
+ "enum": [
+ "CLICK",
+ "MENU"
+ ],
+ "type": "string"
+ },
+ "ImageInteractionOptions": {
+ "additionalProperties": false,
+ "properties": {
+ "ImageMenuOption": {
+ "$ref": "#/definitions/ImageMenuOption"
+ }
+ },
+ "type": "object"
+ },
+ "ImageMenuOption": {
+ "additionalProperties": false,
+ "properties": {
+ "AvailabilityStatus": {
+ "$ref": "#/definitions/DashboardBehavior"
+ }
+ },
+ "type": "object"
+ },
+ "ImageStaticFile": {
+ "additionalProperties": false,
+ "properties": {
+ "Source": {
+ "$ref": "#/definitions/StaticFileSource"
+ },
+ "StaticFileId": {
+ "maxLength": 512,
+ "minLength": 1,
+ "pattern": "^[\\w\\-]+$",
+ "type": "string"
+ }
+ },
+ "required": [
+ "StaticFileId"
+ ],
+ "type": "object"
+ },
+ "InnerFilter": {
+ "additionalProperties": false,
+ "properties": {
+ "CategoryInnerFilter": {
+ "$ref": "#/definitions/CategoryInnerFilter"
+ }
+ },
+ "type": "object"
+ },
"InsightConfiguration": {
"additionalProperties": false,
"properties": {
@@ -5105,6 +5982,9 @@
},
"CustomNarrative": {
"$ref": "#/definitions/CustomNarrativeOptions"
+ },
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
}
},
"type": "object"
@@ -5134,6 +6014,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -5309,6 +6194,9 @@
"FieldWells": {
"$ref": "#/definitions/KPIFieldWells"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"KPIOptions": {
"$ref": "#/definitions/KPIOptions"
},
@@ -5433,42 +6321,181 @@
"$ref": "#/definitions/Visibility"
}
},
- "required": [
- "Type"
- ],
+ "required": [
+ "Type"
+ ],
+ "type": "object"
+ },
+ "KPISparklineType": {
+ "enum": [
+ "LINE",
+ "AREA"
+ ],
+ "type": "string"
+ },
+ "KPIVisual": {
+ "additionalProperties": false,
+ "properties": {
+ "Actions": {
+ "items": {
+ "$ref": "#/definitions/VisualCustomAction"
+ },
+ "maxItems": 10,
+ "minItems": 0,
+ "type": "array"
+ },
+ "ChartConfiguration": {
+ "$ref": "#/definitions/KPIConfiguration"
+ },
+ "ColumnHierarchies": {
+ "items": {
+ "$ref": "#/definitions/ColumnHierarchy"
+ },
+ "maxItems": 2,
+ "minItems": 0,
+ "type": "array"
+ },
+ "ConditionalFormatting": {
+ "$ref": "#/definitions/KPIConditionalFormatting"
+ },
+ "Subtitle": {
+ "$ref": "#/definitions/VisualSubtitleLabelOptions"
+ },
+ "Title": {
+ "$ref": "#/definitions/VisualTitleLabelOptions"
+ },
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
+ "VisualId": {
+ "maxLength": 512,
+ "minLength": 1,
+ "pattern": "^[\\w\\-]+$",
+ "type": "string"
+ }
+ },
+ "required": [
+ "VisualId"
+ ],
+ "type": "object"
+ },
+ "KPIVisualLayoutOptions": {
+ "additionalProperties": false,
+ "properties": {
+ "StandardLayout": {
+ "$ref": "#/definitions/KPIVisualStandardLayout"
+ }
+ },
+ "type": "object"
+ },
+ "KPIVisualStandardLayout": {
+ "additionalProperties": false,
+ "properties": {
+ "Type": {
+ "$ref": "#/definitions/KPIVisualStandardLayoutType"
+ }
+ },
+ "required": [
+ "Type"
+ ],
+ "type": "object"
+ },
+ "KPIVisualStandardLayoutType": {
+ "enum": [
+ "CLASSIC",
+ "VERTICAL"
+ ],
+ "type": "string"
+ },
+ "LabelOptions": {
+ "additionalProperties": false,
+ "properties": {
+ "CustomLabel": {
+ "type": "string"
+ },
+ "FontConfiguration": {
+ "$ref": "#/definitions/FontConfiguration"
+ },
+ "Visibility": {
+ "$ref": "#/definitions/Visibility"
+ }
+ },
+ "type": "object"
+ },
+ "LayerCustomAction": {
+ "additionalProperties": false,
+ "properties": {
+ "ActionOperations": {
+ "items": {
+ "$ref": "#/definitions/LayerCustomActionOperation"
+ },
+ "maxItems": 2,
+ "minItems": 1,
+ "type": "array"
+ },
+ "CustomActionId": {
+ "maxLength": 512,
+ "minLength": 1,
+ "pattern": "^[\\w\\-]+$",
+ "type": "string"
+ },
+ "Name": {
+ "maxLength": 256,
+ "minLength": 1,
+ "type": "string"
+ },
+ "Status": {
+ "$ref": "#/definitions/WidgetStatus"
+ },
+ "Trigger": {
+ "$ref": "#/definitions/LayerCustomActionTrigger"
+ }
+ },
+ "required": [
+ "ActionOperations",
+ "CustomActionId",
+ "Name",
+ "Trigger"
+ ],
+ "type": "object"
+ },
+ "LayerCustomActionOperation": {
+ "additionalProperties": false,
+ "properties": {
+ "FilterOperation": {
+ "$ref": "#/definitions/CustomActionFilterOperation"
+ },
+ "NavigationOperation": {
+ "$ref": "#/definitions/CustomActionNavigationOperation"
+ },
+ "SetParametersOperation": {
+ "$ref": "#/definitions/CustomActionSetParametersOperation"
+ },
+ "URLOperation": {
+ "$ref": "#/definitions/CustomActionURLOperation"
+ }
+ },
"type": "object"
},
- "KPISparklineType": {
+ "LayerCustomActionTrigger": {
"enum": [
- "LINE",
- "AREA"
+ "DATA_POINT_CLICK",
+ "DATA_POINT_MENU"
],
"type": "string"
},
- "KPIVisual": {
+ "LayerMapVisual": {
"additionalProperties": false,
"properties": {
- "Actions": {
- "items": {
- "$ref": "#/definitions/VisualCustomAction"
- },
- "maxItems": 10,
- "minItems": 0,
- "type": "array"
- },
"ChartConfiguration": {
- "$ref": "#/definitions/KPIConfiguration"
- },
- "ColumnHierarchies": {
- "items": {
- "$ref": "#/definitions/ColumnHierarchy"
- },
- "maxItems": 2,
- "minItems": 0,
- "type": "array"
+ "$ref": "#/definitions/GeospatialLayerMapConfiguration"
},
- "ConditionalFormatting": {
- "$ref": "#/definitions/KPIConditionalFormatting"
+ "DataSetIdentifier": {
+ "maxLength": 2048,
+ "minLength": 1,
+ "type": "string"
},
"Subtitle": {
"$ref": "#/definitions/VisualSubtitleLabelOptions"
@@ -5476,6 +6503,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -5484,53 +6516,11 @@
}
},
"required": [
+ "DataSetIdentifier",
"VisualId"
],
"type": "object"
},
- "KPIVisualLayoutOptions": {
- "additionalProperties": false,
- "properties": {
- "StandardLayout": {
- "$ref": "#/definitions/KPIVisualStandardLayout"
- }
- },
- "type": "object"
- },
- "KPIVisualStandardLayout": {
- "additionalProperties": false,
- "properties": {
- "Type": {
- "$ref": "#/definitions/KPIVisualStandardLayoutType"
- }
- },
- "required": [
- "Type"
- ],
- "type": "object"
- },
- "KPIVisualStandardLayoutType": {
- "enum": [
- "CLASSIC",
- "VERTICAL"
- ],
- "type": "string"
- },
- "LabelOptions": {
- "additionalProperties": false,
- "properties": {
- "CustomLabel": {
- "type": "string"
- },
- "FontConfiguration": {
- "$ref": "#/definitions/FontConfiguration"
- },
- "Visibility": {
- "$ref": "#/definitions/Visibility"
- }
- },
- "type": "object"
- },
"Layout": {
"additionalProperties": false,
"properties": {
@@ -5563,7 +6553,8 @@
"VISUAL",
"FILTER_CONTROL",
"PARAMETER_CONTROL",
- "TEXT_BOX"
+ "TEXT_BOX",
+ "IMAGE"
],
"type": "string"
},
@@ -5580,6 +6571,9 @@
"Title": {
"$ref": "#/definitions/LabelOptions"
},
+ "ValueFontConfiguration": {
+ "$ref": "#/definitions/FontConfiguration"
+ },
"Visibility": {
"$ref": "#/definitions/Visibility"
},
@@ -5665,6 +6659,9 @@
"minItems": 0,
"type": "array"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"Legend": {
"$ref": "#/definitions/LegendOptions"
},
@@ -5696,6 +6693,9 @@
"minItems": 0,
"type": "array"
},
+ "SingleAxisOptions": {
+ "$ref": "#/definitions/SingleAxisOptions"
+ },
"SmallMultiplesOptions": {
"$ref": "#/definitions/SmallMultiplesOptions"
},
@@ -5880,6 +6880,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -6155,6 +7160,34 @@
],
"type": "string"
},
+ "NestedFilter": {
+ "additionalProperties": false,
+ "properties": {
+ "Column": {
+ "$ref": "#/definitions/ColumnIdentifier"
+ },
+ "FilterId": {
+ "maxLength": 512,
+ "minLength": 1,
+ "pattern": "^[\\w\\-]+$",
+ "type": "string"
+ },
+ "IncludeInnerSet": {
+ "default": false,
+ "type": "boolean"
+ },
+ "InnerFilter": {
+ "$ref": "#/definitions/InnerFilter"
+ }
+ },
+ "required": [
+ "Column",
+ "FilterId",
+ "IncludeInnerSet",
+ "InnerFilter"
+ ],
+ "type": "object"
+ },
"NullValueFormatConfiguration": {
"additionalProperties": false,
"properties": {
@@ -6216,7 +7249,9 @@
"THOUSANDS",
"MILLIONS",
"BILLIONS",
- "TRILLIONS"
+ "TRILLIONS",
+ "LAKHS",
+ "CRORES"
],
"type": "string"
},
@@ -6654,6 +7689,9 @@
"CascadingControlConfiguration": {
"$ref": "#/definitions/CascadingControlConfiguration"
},
+ "CommitMode": {
+ "$ref": "#/definitions/CommitMode"
+ },
"DisplayOptions": {
"$ref": "#/definitions/DropDownControlDisplayOptions"
},
@@ -7069,6 +8107,9 @@
"FieldWells": {
"$ref": "#/definitions/PieChartFieldWells"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"Legend": {
"$ref": "#/definitions/LegendOptions"
},
@@ -7155,6 +8196,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -7292,6 +8338,9 @@
"FieldWells": {
"$ref": "#/definitions/PivotTableFieldWells"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"PaginatedReportOptions": {
"$ref": "#/definitions/PivotTablePaginatedReportOptions"
},
@@ -7610,6 +8659,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -7657,6 +8711,159 @@
},
"type": "object"
},
+ "PluginVisual": {
+ "additionalProperties": false,
+ "properties": {
+ "ChartConfiguration": {
+ "$ref": "#/definitions/PluginVisualConfiguration"
+ },
+ "PluginArn": {
+ "type": "string"
+ },
+ "Subtitle": {
+ "$ref": "#/definitions/VisualSubtitleLabelOptions"
+ },
+ "Title": {
+ "$ref": "#/definitions/VisualTitleLabelOptions"
+ },
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
+ "VisualId": {
+ "maxLength": 512,
+ "minLength": 1,
+ "pattern": "^[\\w\\-]+$",
+ "type": "string"
+ }
+ },
+ "required": [
+ "PluginArn",
+ "VisualId"
+ ],
+ "type": "object"
+ },
+ "PluginVisualAxisName": {
+ "enum": [
+ "GROUP_BY",
+ "VALUE"
+ ],
+ "type": "string"
+ },
+ "PluginVisualConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "FieldWells": {
+ "items": {
+ "$ref": "#/definitions/PluginVisualFieldWell"
+ },
+ "maxItems": 10,
+ "minItems": 0,
+ "type": "array"
+ },
+ "SortConfiguration": {
+ "$ref": "#/definitions/PluginVisualSortConfiguration"
+ },
+ "VisualOptions": {
+ "$ref": "#/definitions/PluginVisualOptions"
+ }
+ },
+ "type": "object"
+ },
+ "PluginVisualFieldWell": {
+ "additionalProperties": false,
+ "properties": {
+ "AxisName": {
+ "$ref": "#/definitions/PluginVisualAxisName"
+ },
+ "Dimensions": {
+ "items": {
+ "$ref": "#/definitions/DimensionField"
+ },
+ "maxItems": 200,
+ "minItems": 0,
+ "type": "array"
+ },
+ "Measures": {
+ "items": {
+ "$ref": "#/definitions/MeasureField"
+ },
+ "maxItems": 200,
+ "minItems": 0,
+ "type": "array"
+ },
+ "Unaggregated": {
+ "items": {
+ "$ref": "#/definitions/UnaggregatedField"
+ },
+ "maxItems": 200,
+ "minItems": 0,
+ "type": "array"
+ }
+ },
+ "type": "object"
+ },
+ "PluginVisualItemsLimitConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "ItemsLimit": {
+ "default": null,
+ "type": "number"
+ }
+ },
+ "type": "object"
+ },
+ "PluginVisualOptions": {
+ "additionalProperties": false,
+ "properties": {
+ "VisualProperties": {
+ "items": {
+ "$ref": "#/definitions/PluginVisualProperty"
+ },
+ "type": "array"
+ }
+ },
+ "type": "object"
+ },
+ "PluginVisualProperty": {
+ "additionalProperties": false,
+ "properties": {
+ "Name": {
+ "type": "string"
+ },
+ "Value": {
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "PluginVisualSortConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "PluginVisualTableQuerySort": {
+ "$ref": "#/definitions/PluginVisualTableQuerySort"
+ }
+ },
+ "type": "object"
+ },
+ "PluginVisualTableQuerySort": {
+ "additionalProperties": false,
+ "properties": {
+ "ItemsLimitConfiguration": {
+ "$ref": "#/definitions/PluginVisualItemsLimitConfiguration"
+ },
+ "RowSort": {
+ "items": {
+ "$ref": "#/definitions/FieldSortOptions"
+ },
+ "maxItems": 100,
+ "minItems": 0,
+ "type": "array"
+ }
+ },
+ "type": "object"
+ },
"PredefinedHierarchy": {
"additionalProperties": false,
"properties": {
@@ -7696,11 +8903,27 @@
],
"type": "string"
},
- "ProgressBarOptions": {
+ "ProgressBarOptions": {
+ "additionalProperties": false,
+ "properties": {
+ "Visibility": {
+ "$ref": "#/definitions/Visibility"
+ }
+ },
+ "type": "object"
+ },
+ "QueryExecutionMode": {
+ "enum": [
+ "AUTO",
+ "MANUAL"
+ ],
+ "type": "string"
+ },
+ "QueryExecutionOptions": {
"additionalProperties": false,
"properties": {
- "Visibility": {
- "$ref": "#/definitions/Visibility"
+ "QueryExecutionMode": {
+ "$ref": "#/definitions/QueryExecutionMode"
}
},
"type": "object"
@@ -7787,6 +9010,9 @@
"FieldWells": {
"$ref": "#/definitions/RadarChartFieldWells"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"Legend": {
"$ref": "#/definitions/LegendOptions"
},
@@ -7888,6 +9114,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -8315,6 +9546,9 @@
"FieldWells": {
"$ref": "#/definitions/SankeyDiagramFieldWells"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"SortConfiguration": {
"$ref": "#/definitions/SankeyDiagramSortConfiguration"
}
@@ -8370,6 +9604,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -8437,9 +9676,15 @@
"FieldWells": {
"$ref": "#/definitions/ScatterPlotFieldWells"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"Legend": {
"$ref": "#/definitions/LegendOptions"
},
+ "SortConfiguration": {
+ "$ref": "#/definitions/ScatterPlotSortConfiguration"
+ },
"Tooltip": {
"$ref": "#/definitions/TooltipOptions"
},
@@ -8473,6 +9718,15 @@
},
"type": "object"
},
+ "ScatterPlotSortConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "ScatterPlotLimitConfiguration": {
+ "$ref": "#/definitions/ItemsLimitConfiguration"
+ }
+ },
+ "type": "object"
+ },
"ScatterPlotUnaggregatedFieldWells": {
"additionalProperties": false,
"properties": {
@@ -8547,6 +9801,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -8871,6 +10130,14 @@
"minItems": 0,
"type": "array"
},
+ "Images": {
+ "items": {
+ "$ref": "#/definitions/SheetImage"
+ },
+ "maxItems": 10,
+ "minItems": 0,
+ "type": "array"
+ },
"Layouts": {
"items": {
"$ref": "#/definitions/Layout"
@@ -8960,6 +10227,112 @@
],
"type": "object"
},
+ "SheetImage": {
+ "additionalProperties": false,
+ "properties": {
+ "Actions": {
+ "items": {
+ "$ref": "#/definitions/ImageCustomAction"
+ },
+ "maxItems": 10,
+ "minItems": 0,
+ "type": "array"
+ },
+ "ImageContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
+ "Interactions": {
+ "$ref": "#/definitions/ImageInteractionOptions"
+ },
+ "Scaling": {
+ "$ref": "#/definitions/SheetImageScalingConfiguration"
+ },
+ "SheetImageId": {
+ "maxLength": 512,
+ "minLength": 1,
+ "pattern": "^[\\w\\-]+$",
+ "type": "string"
+ },
+ "Source": {
+ "$ref": "#/definitions/SheetImageSource"
+ },
+ "Tooltip": {
+ "$ref": "#/definitions/SheetImageTooltipConfiguration"
+ }
+ },
+ "required": [
+ "SheetImageId",
+ "Source"
+ ],
+ "type": "object"
+ },
+ "SheetImageScalingConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "ScalingType": {
+ "$ref": "#/definitions/SheetImageScalingType"
+ }
+ },
+ "type": "object"
+ },
+ "SheetImageScalingType": {
+ "enum": [
+ "SCALE_TO_WIDTH",
+ "SCALE_TO_HEIGHT",
+ "SCALE_TO_CONTAINER",
+ "SCALE_NONE"
+ ],
+ "type": "string"
+ },
+ "SheetImageSource": {
+ "additionalProperties": false,
+ "properties": {
+ "SheetImageStaticFileSource": {
+ "$ref": "#/definitions/SheetImageStaticFileSource"
+ }
+ },
+ "type": "object"
+ },
+ "SheetImageStaticFileSource": {
+ "additionalProperties": false,
+ "properties": {
+ "StaticFileId": {
+ "maxLength": 512,
+ "minLength": 1,
+ "pattern": "^[\\w\\-]+$",
+ "type": "string"
+ }
+ },
+ "required": [
+ "StaticFileId"
+ ],
+ "type": "object"
+ },
+ "SheetImageTooltipConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "TooltipText": {
+ "$ref": "#/definitions/SheetImageTooltipText"
+ },
+ "Visibility": {
+ "$ref": "#/definitions/Visibility"
+ }
+ },
+ "type": "object"
+ },
+ "SheetImageTooltipText": {
+ "additionalProperties": false,
+ "properties": {
+ "PlainText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
"SheetTextBox": {
"additionalProperties": false,
"properties": {
@@ -9069,6 +10442,21 @@
],
"type": "string"
},
+ "SingleAxisOptions": {
+ "additionalProperties": false,
+ "properties": {
+ "YAxisOptions": {
+ "$ref": "#/definitions/YAxisOptions"
+ }
+ },
+ "type": "object"
+ },
+ "SingleYAxisOption": {
+ "enum": [
+ "PRIMARY_Y_AXIS"
+ ],
+ "type": "string"
+ },
"SliderControlDisplayOptions": {
"additionalProperties": false,
"properties": {
@@ -9161,6 +10549,24 @@
},
"type": "object"
},
+ "SpatialStaticFile": {
+ "additionalProperties": false,
+ "properties": {
+ "Source": {
+ "$ref": "#/definitions/StaticFileSource"
+ },
+ "StaticFileId": {
+ "maxLength": 512,
+ "minLength": 1,
+ "pattern": "^[\\w\\-]+$",
+ "type": "string"
+ }
+ },
+ "required": [
+ "StaticFileId"
+ ],
+ "type": "object"
+ },
"SpecialValue": {
"enum": [
"EMPTY",
@@ -9169,6 +10575,62 @@
],
"type": "string"
},
+ "StaticFile": {
+ "additionalProperties": false,
+ "properties": {
+ "ImageStaticFile": {
+ "$ref": "#/definitions/ImageStaticFile"
+ },
+ "SpatialStaticFile": {
+ "$ref": "#/definitions/SpatialStaticFile"
+ }
+ },
+ "type": "object"
+ },
+ "StaticFileS3SourceOptions": {
+ "additionalProperties": false,
+ "properties": {
+ "BucketName": {
+ "type": "string"
+ },
+ "ObjectKey": {
+ "type": "string"
+ },
+ "Region": {
+ "type": "string"
+ }
+ },
+ "required": [
+ "BucketName",
+ "ObjectKey",
+ "Region"
+ ],
+ "type": "object"
+ },
+ "StaticFileSource": {
+ "additionalProperties": false,
+ "properties": {
+ "S3Options": {
+ "$ref": "#/definitions/StaticFileS3SourceOptions"
+ },
+ "UrlOptions": {
+ "$ref": "#/definitions/StaticFileUrlSourceOptions"
+ }
+ },
+ "type": "object"
+ },
+ "StaticFileUrlSourceOptions": {
+ "additionalProperties": false,
+ "properties": {
+ "Url": {
+ "type": "string"
+ }
+ },
+ "required": [
+ "Url"
+ ],
+ "type": "object"
+ },
"StringDefaultValues": {
"additionalProperties": false,
"properties": {
@@ -9463,6 +10925,9 @@
"FieldWells": {
"$ref": "#/definitions/TableFieldWells"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"PaginatedReportOptions": {
"$ref": "#/definitions/TablePaginatedReportOptions"
},
@@ -9605,6 +11070,14 @@
"maxItems": 100,
"minItems": 0,
"type": "array"
+ },
+ "TransposedTableOptions": {
+ "items": {
+ "$ref": "#/definitions/TransposedTableOption"
+ },
+ "maxItems": 10001,
+ "minItems": 0,
+ "type": "array"
}
},
"type": "object"
@@ -9812,6 +11285,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -9917,6 +11395,9 @@
"ThousandSeparatorOptions": {
"additionalProperties": false,
"properties": {
+ "GroupingStyle": {
+ "$ref": "#/definitions/DigitGroupingStyle"
+ },
"Symbol": {
"$ref": "#/definitions/NumericSeparatorSymbol"
},
@@ -10130,6 +11611,14 @@
},
"type": "object"
},
+ "TooltipTarget": {
+ "enum": [
+ "BOTH",
+ "BAR",
+ "LINE"
+ ],
+ "type": "string"
+ },
"TooltipTitleType": {
"enum": [
"NONE",
@@ -10346,6 +11835,34 @@
},
"type": "object"
},
+ "TransposedColumnType": {
+ "enum": [
+ "ROW_HEADER_COLUMN",
+ "VALUE_COLUMN"
+ ],
+ "type": "string"
+ },
+ "TransposedTableOption": {
+ "additionalProperties": false,
+ "properties": {
+ "ColumnIndex": {
+ "maximum": 9999,
+ "minimum": 0,
+ "type": "number"
+ },
+ "ColumnType": {
+ "$ref": "#/definitions/TransposedColumnType"
+ },
+ "ColumnWidth": {
+ "description": "String based length that is composed of value and unit in px",
+ "type": "string"
+ }
+ },
+ "required": [
+ "ColumnType"
+ ],
+ "type": "object"
+ },
"TreeMapAggregatedFieldWells": {
"additionalProperties": false,
"properties": {
@@ -10394,6 +11911,9 @@
"GroupLabelOptions": {
"$ref": "#/definitions/ChartAxisLabelOptions"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"Legend": {
"$ref": "#/definitions/LegendOptions"
},
@@ -10463,6 +11983,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -10628,6 +12153,9 @@
"KPIVisual": {
"$ref": "#/definitions/KPIVisual"
},
+ "LayerMapVisual": {
+ "$ref": "#/definitions/LayerMapVisual"
+ },
"LineChartVisual": {
"$ref": "#/definitions/LineChartVisual"
},
@@ -10637,6 +12165,9 @@
"PivotTableVisual": {
"$ref": "#/definitions/PivotTableVisual"
},
+ "PluginVisual": {
+ "$ref": "#/definitions/PluginVisual"
+ },
"RadarChartVisual": {
"$ref": "#/definitions/RadarChartVisual"
},
@@ -10723,6 +12254,27 @@
],
"type": "string"
},
+ "VisualInteractionOptions": {
+ "additionalProperties": false,
+ "properties": {
+ "ContextMenuOption": {
+ "$ref": "#/definitions/ContextMenuOption"
+ },
+ "VisualMenuOption": {
+ "$ref": "#/definitions/VisualMenuOption"
+ }
+ },
+ "type": "object"
+ },
+ "VisualMenuOption": {
+ "additionalProperties": false,
+ "properties": {
+ "AvailabilityStatus": {
+ "$ref": "#/definitions/DashboardBehavior"
+ }
+ },
+ "type": "object"
+ },
"VisualPalette": {
"additionalProperties": false,
"properties": {
@@ -10822,6 +12374,9 @@
"FieldWells": {
"$ref": "#/definitions/WaterfallChartFieldWells"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"Legend": {
"$ref": "#/definitions/LegendOptions"
},
@@ -10924,6 +12479,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -11015,6 +12575,9 @@
"FieldWells": {
"$ref": "#/definitions/WordCloudFieldWells"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"SortConfiguration": {
"$ref": "#/definitions/WordCloudSortConfiguration"
},
@@ -11111,6 +12674,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -11152,6 +12720,18 @@
"NORMAL"
],
"type": "string"
+ },
+ "YAxisOptions": {
+ "additionalProperties": false,
+ "properties": {
+ "YAxis": {
+ "$ref": "#/definitions/SingleYAxisOption"
+ }
+ },
+ "required": [
+ "YAxis"
+ ],
+ "type": "object"
}
},
"description": "Definition of the AWS::QuickSight::Analysis Resource Type.",
@@ -11166,7 +12746,10 @@
"quicksight:PassDataSet",
"quicksight:TagResource",
"quicksight:UntagResource",
- "quicksight:ListTagsForResource"
+ "quicksight:ListTagsForResource",
+ "quicksight:CreateFolderMembership",
+ "quicksight:DeleteFolderMembership",
+ "quicksight:ListFoldersForResource"
]
},
"delete": {
@@ -11203,6 +12786,9 @@
"quicksight:DescribeAnalysisPermissions",
"quicksight:UpdateAnalysis",
"quicksight:UpdateAnalysisPermissions",
+ "quicksight:CreateFolderMembership",
+ "quicksight:DeleteFolderMembership",
+ "quicksight:ListFoldersForResource",
"quicksight:DescribeTemplate",
"quicksight:DescribeTheme",
"quicksight:PassDataSet",
@@ -11258,6 +12844,14 @@
"minItems": 1,
"type": "array"
},
+ "FolderArns": {
+ "items": {
+ "type": "string"
+ },
+ "maxItems": 10,
+ "minItems": 0,
+ "type": "array"
+ },
"LastUpdatedTime": {
"description": "The time that the analysis was last updated.
",
"format": "date-time",
@@ -11323,12 +12917,25 @@
"Name"
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-quicksight",
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "quicksight:TagResource",
+ "quicksight:UntagResource",
+ "quicksight:ListTagsForResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
"typeName": "AWS::QuickSight::Analysis",
"writeOnlyProperties": [
"/properties/Definition",
"/properties/Parameters",
"/properties/SourceEntity",
"/properties/Status",
- "/properties/ValidationStrategy"
+ "/properties/ValidationStrategy",
+ "/properties/FolderArns"
]
}
diff --git a/schema/aws-quicksight-custompermissions.json b/schema/aws-quicksight-custompermissions.json
new file mode 100644
index 0000000..6e18afc
--- /dev/null
+++ b/schema/aws-quicksight-custompermissions.json
@@ -0,0 +1,180 @@
+{
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/AwsAccountId",
+ "/properties/CustomPermissionsName"
+ ],
+ "definitions": {
+ "Capabilities": {
+ "additionalProperties": false,
+ "properties": {
+ "AddOrRunAnomalyDetectionForAnalyses": {
+ "$ref": "#/definitions/CapabilityState"
+ },
+ "CreateAndUpdateDashboardEmailReports": {
+ "$ref": "#/definitions/CapabilityState"
+ },
+ "CreateAndUpdateDataSources": {
+ "$ref": "#/definitions/CapabilityState"
+ },
+ "CreateAndUpdateDatasets": {
+ "$ref": "#/definitions/CapabilityState"
+ },
+ "CreateAndUpdateThemes": {
+ "$ref": "#/definitions/CapabilityState"
+ },
+ "CreateAndUpdateThresholdAlerts": {
+ "$ref": "#/definitions/CapabilityState"
+ },
+ "CreateSPICEDataset": {
+ "$ref": "#/definitions/CapabilityState"
+ },
+ "CreateSharedFolders": {
+ "$ref": "#/definitions/CapabilityState"
+ },
+ "ExportToCsv": {
+ "$ref": "#/definitions/CapabilityState"
+ },
+ "ExportToExcel": {
+ "$ref": "#/definitions/CapabilityState"
+ },
+ "RenameSharedFolders": {
+ "$ref": "#/definitions/CapabilityState"
+ },
+ "ShareAnalyses": {
+ "$ref": "#/definitions/CapabilityState"
+ },
+ "ShareDashboards": {
+ "$ref": "#/definitions/CapabilityState"
+ },
+ "ShareDataSources": {
+ "$ref": "#/definitions/CapabilityState"
+ },
+ "ShareDatasets": {
+ "$ref": "#/definitions/CapabilityState"
+ },
+ "SubscribeDashboardEmailReports": {
+ "$ref": "#/definitions/CapabilityState"
+ },
+ "ViewAccountSPICECapacity": {
+ "$ref": "#/definitions/CapabilityState"
+ }
+ },
+ "type": "object"
+ },
+ "CapabilityState": {
+ "enum": [
+ "DENY"
+ ],
+ "type": "string"
+ },
+ "Tag": {
+ "additionalProperties": false,
+ "description": "The key or keys of the key-value pairs for the resource tag or tags assigned to the\n resource.
",
+ "properties": {
+ "Key": {
+ "description": "Tag key.
",
+ "maxLength": 128,
+ "minLength": 1,
+ "type": "string"
+ },
+ "Value": {
+ "description": "Tag value.
",
+ "maxLength": 256,
+ "minLength": 1,
+ "type": "string"
+ }
+ },
+ "required": [
+ "Key",
+ "Value"
+ ],
+ "type": "object"
+ }
+ },
+ "description": "Definition of the AWS::QuickSight::CustomPermissions Resource Type.",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "quicksight:CreateCustomPermissions",
+ "quicksight:TagResource"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "quicksight:DeleteCustomPermissions"
+ ]
+ },
+ "list": {
+ "permissions": [
+ "quicksight:ListCustomPermissions"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "quicksight:DescribeCustomPermissions",
+ "quicksight:ListTagsForResource"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "quicksight:UpdateCustomPermissions",
+ "quicksight:TagResource",
+ "quicksight:UntagResource",
+ "quicksight:ListTagsForResource"
+ ]
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/AwsAccountId",
+ "/properties/CustomPermissionsName"
+ ],
+ "properties": {
+ "Arn": {
+ "type": "string"
+ },
+ "AwsAccountId": {
+ "maxLength": 12,
+ "minLength": 12,
+ "pattern": "^[0-9]{12}$",
+ "type": "string"
+ },
+ "Capabilities": {
+ "$ref": "#/definitions/Capabilities"
+ },
+ "CustomPermissionsName": {
+ "maxLength": 64,
+ "minLength": 1,
+ "pattern": "^[a-zA-Z0-9+=,.@_-]+$",
+ "type": "string"
+ },
+ "Tags": {
+ "items": {
+ "$ref": "#/definitions/Tag"
+ },
+ "maxItems": 200,
+ "minItems": 1,
+ "type": "array"
+ }
+ },
+ "readOnlyProperties": [
+ "/properties/Arn"
+ ],
+ "required": [
+ "AwsAccountId",
+ "CustomPermissionsName"
+ ],
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "quicksight:TagResource",
+ "quicksight:UntagResource",
+ "quicksight:ListTagsForResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
+ "typeName": "AWS::QuickSight::CustomPermissions"
+}
diff --git a/schema/aws-quicksight-dashboard.json b/schema/aws-quicksight-dashboard.json
index cab841a..a89117e 100644
--- a/schema/aws-quicksight-dashboard.json
+++ b/schema/aws-quicksight-dashboard.json
@@ -402,6 +402,9 @@
"FieldWells": {
"$ref": "#/definitions/BarChartFieldWells"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"Legend": {
"$ref": "#/definitions/LegendOptions"
},
@@ -520,6 +523,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -583,6 +591,9 @@
"PageBreakConfiguration": {
"$ref": "#/definitions/SectionPageBreakConfiguration"
},
+ "RepeatConfiguration": {
+ "$ref": "#/definitions/BodySectionRepeatConfiguration"
+ },
"SectionId": {
"maxLength": 512,
"minLength": 1,
@@ -608,6 +619,105 @@
},
"type": "object"
},
+ "BodySectionDynamicCategoryDimensionConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "Column": {
+ "$ref": "#/definitions/ColumnIdentifier"
+ },
+ "Limit": {
+ "maximum": 1000,
+ "minimum": 1,
+ "type": "number"
+ },
+ "SortByMetrics": {
+ "items": {
+ "$ref": "#/definitions/ColumnSort"
+ },
+ "maxItems": 100,
+ "minItems": 0,
+ "type": "array"
+ }
+ },
+ "required": [
+ "Column"
+ ],
+ "type": "object"
+ },
+ "BodySectionDynamicNumericDimensionConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "Column": {
+ "$ref": "#/definitions/ColumnIdentifier"
+ },
+ "Limit": {
+ "maximum": 1000,
+ "minimum": 1,
+ "type": "number"
+ },
+ "SortByMetrics": {
+ "items": {
+ "$ref": "#/definitions/ColumnSort"
+ },
+ "maxItems": 100,
+ "minItems": 0,
+ "type": "array"
+ }
+ },
+ "required": [
+ "Column"
+ ],
+ "type": "object"
+ },
+ "BodySectionRepeatConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "DimensionConfigurations": {
+ "items": {
+ "$ref": "#/definitions/BodySectionRepeatDimensionConfiguration"
+ },
+ "maxItems": 3,
+ "minItems": 0,
+ "type": "array"
+ },
+ "NonRepeatingVisuals": {
+ "items": {
+ "maxLength": 512,
+ "minLength": 1,
+ "pattern": "^[\\w\\-]+$",
+ "type": "string"
+ },
+ "maxItems": 20,
+ "minItems": 0,
+ "type": "array"
+ },
+ "PageBreakConfiguration": {
+ "$ref": "#/definitions/BodySectionRepeatPageBreakConfiguration"
+ }
+ },
+ "type": "object"
+ },
+ "BodySectionRepeatDimensionConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "DynamicCategoryDimensionConfiguration": {
+ "$ref": "#/definitions/BodySectionDynamicCategoryDimensionConfiguration"
+ },
+ "DynamicNumericDimensionConfiguration": {
+ "$ref": "#/definitions/BodySectionDynamicNumericDimensionConfiguration"
+ }
+ },
+ "type": "object"
+ },
+ "BodySectionRepeatPageBreakConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "After": {
+ "$ref": "#/definitions/SectionAfterPageBreak"
+ }
+ },
+ "type": "object"
+ },
"BoxPlotAggregatedFieldWells": {
"additionalProperties": false,
"properties": {
@@ -645,6 +755,9 @@
"FieldWells": {
"$ref": "#/definitions/BoxPlotFieldWells"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"Legend": {
"$ref": "#/definitions/LegendOptions"
},
@@ -759,6 +872,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -981,6 +1099,25 @@
],
"type": "string"
},
+ "CategoryInnerFilter": {
+ "additionalProperties": false,
+ "properties": {
+ "Column": {
+ "$ref": "#/definitions/ColumnIdentifier"
+ },
+ "Configuration": {
+ "$ref": "#/definitions/CategoryFilterConfiguration"
+ },
+ "DefaultFilterControlConfiguration": {
+ "$ref": "#/definitions/DefaultFilterControlConfiguration"
+ }
+ },
+ "required": [
+ "Column",
+ "Configuration"
+ ],
+ "type": "object"
+ },
"ChartAxisLabelOptions": {
"additionalProperties": false,
"properties": {
@@ -1158,6 +1295,9 @@
"Label": {
"type": "string"
},
+ "TooltipTarget": {
+ "$ref": "#/definitions/TooltipTarget"
+ },
"Visibility": {
"$ref": "#/definitions/Visibility"
}
@@ -1226,6 +1366,9 @@
"FieldWells": {
"$ref": "#/definitions/ComboChartFieldWells"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"Legend": {
"$ref": "#/definitions/LegendOptions"
},
@@ -1252,6 +1395,9 @@
"SecondaryYAxisLabelOptions": {
"$ref": "#/definitions/ChartAxisLabelOptions"
},
+ "SingleAxisOptions": {
+ "$ref": "#/definitions/SingleAxisOptions"
+ },
"SortConfiguration": {
"$ref": "#/definitions/ComboChartSortConfiguration"
},
@@ -1329,6 +1475,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -1341,6 +1492,13 @@
],
"type": "object"
},
+ "CommitMode": {
+ "enum": [
+ "AUTO",
+ "MANUAL"
+ ],
+ "type": "string"
+ },
"ComparisonConfiguration": {
"additionalProperties": false,
"properties": {
@@ -1555,6 +1713,15 @@
],
"type": "object"
},
+ "ContextMenuOption": {
+ "additionalProperties": false,
+ "properties": {
+ "AvailabilityStatus": {
+ "$ref": "#/definitions/DashboardBehavior"
+ }
+ },
+ "type": "object"
+ },
"ContributionAnalysisDefault": {
"additionalProperties": false,
"properties": {
@@ -1714,6 +1881,9 @@
},
"ImageScaling": {
"$ref": "#/definitions/CustomContentImageScalingConfiguration"
+ },
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
}
},
"type": "object"
@@ -1759,6 +1929,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -2145,6 +2320,14 @@
"maxItems": 20,
"minItems": 0,
"type": "array"
+ },
+ "StaticFiles": {
+ "items": {
+ "$ref": "#/definitions/StaticFile"
+ },
+ "maxItems": 200,
+ "minItems": 0,
+ "type": "array"
}
},
"required": [
@@ -2656,11 +2839,17 @@
"DateTimePickerControlDisplayOptions": {
"additionalProperties": false,
"properties": {
+ "DateIconVisibility": {
+ "$ref": "#/definitions/Visibility"
+ },
"DateTimeFormat": {
"maxLength": 128,
"minLength": 1,
"type": "string"
},
+ "HelperTextVisibility": {
+ "$ref": "#/definitions/Visibility"
+ },
"InfoIconLabelOptions": {
"$ref": "#/definitions/SheetControlInfoIconLabelOptions"
},
@@ -2799,6 +2988,9 @@
"DefaultDateTimePickerControlOptions": {
"additionalProperties": false,
"properties": {
+ "CommitMode": {
+ "$ref": "#/definitions/CommitMode"
+ },
"DisplayOptions": {
"$ref": "#/definitions/DateTimePickerControlDisplayOptions"
},
@@ -2856,6 +3048,9 @@
"DefaultFilterDropDownControlOptions": {
"additionalProperties": false,
"properties": {
+ "CommitMode": {
+ "$ref": "#/definitions/CommitMode"
+ },
"DisplayOptions": {
"$ref": "#/definitions/DropDownControlDisplayOptions"
},
@@ -2946,6 +3141,9 @@
"DefaultRelativeDateTimeControlOptions": {
"additionalProperties": false,
"properties": {
+ "CommitMode": {
+ "$ref": "#/definitions/CommitMode"
+ },
"DisplayOptions": {
"$ref": "#/definitions/RelativeDateTimeControlDisplayOptions"
}
@@ -3039,6 +3237,13 @@
},
"type": "object"
},
+ "DigitGroupingStyle": {
+ "enum": [
+ "DEFAULT",
+ "LAKHS"
+ ],
+ "type": "string"
+ },
"DimensionField": {
"additionalProperties": false,
"properties": {
@@ -3339,6 +3544,9 @@
"Label": {
"type": "string"
},
+ "TooltipTarget": {
+ "$ref": "#/definitions/TooltipTarget"
+ },
"Visibility": {
"$ref": "#/definitions/Visibility"
}
@@ -3405,6 +3613,9 @@
"FieldWells": {
"$ref": "#/definitions/FilledMapFieldWells"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"Legend": {
"$ref": "#/definitions/LegendOptions"
},
@@ -3494,6 +3705,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -3512,6 +3728,9 @@
"CategoryFilter": {
"$ref": "#/definitions/CategoryFilter"
},
+ "NestedFilter": {
+ "$ref": "#/definitions/NestedFilter"
+ },
"NumericEqualityFilter": {
"$ref": "#/definitions/NumericEqualityFilter"
},
@@ -3591,6 +3810,9 @@
"FilterDateTimePickerControl": {
"additionalProperties": false,
"properties": {
+ "CommitMode": {
+ "$ref": "#/definitions/CommitMode"
+ },
"DisplayOptions": {
"$ref": "#/definitions/DateTimePickerControlDisplayOptions"
},
@@ -3628,6 +3850,9 @@
"CascadingControlConfiguration": {
"$ref": "#/definitions/CascadingControlConfiguration"
},
+ "CommitMode": {
+ "$ref": "#/definitions/CommitMode"
+ },
"DisplayOptions": {
"$ref": "#/definitions/DropDownControlDisplayOptions"
},
@@ -3813,6 +4038,9 @@
"FilterRelativeDateTimeControl": {
"additionalProperties": false,
"properties": {
+ "CommitMode": {
+ "$ref": "#/definitions/CommitMode"
+ },
"DisplayOptions": {
"$ref": "#/definitions/RelativeDateTimeControlDisplayOptions"
},
@@ -4000,6 +4228,9 @@
"FontDecoration": {
"$ref": "#/definitions/FontDecoration"
},
+ "FontFamily": {
+ "type": "string"
+ },
"FontSize": {
"$ref": "#/definitions/FontSize"
},
@@ -4022,6 +4253,10 @@
"FontSize": {
"additionalProperties": false,
"properties": {
+ "Absolute": {
+ "description": "String based length that is composed of value and unit in px",
+ "type": "string"
+ },
"Relative": {
"$ref": "#/definitions/RelativeFontSize"
}
@@ -4334,6 +4569,9 @@
"FieldWells": {
"$ref": "#/definitions/FunnelChartFieldWells"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"SortConfiguration": {
"$ref": "#/definitions/FunnelChartSortConfiguration"
},
@@ -4441,6 +4679,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -4462,6 +4705,20 @@
},
"type": "object"
},
+ "GaugeChartColorConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "BackgroundColor": {
+ "pattern": "^#[A-F0-9]{6}$",
+ "type": "string"
+ },
+ "ForegroundColor": {
+ "pattern": "^#[A-F0-9]{6}$",
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
"GaugeChartConditionalFormatting": {
"additionalProperties": false,
"properties": {
@@ -4491,6 +4748,9 @@
"GaugeChartConfiguration": {
"additionalProperties": false,
"properties": {
+ "ColorConfiguration": {
+ "$ref": "#/definitions/GaugeChartColorConfiguration"
+ },
"DataLabels": {
"$ref": "#/definitions/DataLabelOptions"
},
@@ -4500,6 +4760,9 @@
"GaugeChartOptions": {
"$ref": "#/definitions/GaugeChartOptions"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"TooltipOptions": {
"$ref": "#/definitions/TooltipOptions"
},
@@ -4587,6 +4850,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -4599,80 +4867,397 @@
],
"type": "object"
},
- "GeospatialCoordinateBounds": {
+ "GeospatialCategoricalColor": {
"additionalProperties": false,
"properties": {
- "East": {
- "maximum": 1800,
- "minimum": -1800,
- "type": "number"
+ "CategoryDataColors": {
+ "items": {
+ "$ref": "#/definitions/GeospatialCategoricalDataColor"
+ },
+ "type": "array"
},
- "North": {
- "maximum": 90,
- "minimum": -90,
+ "DefaultOpacity": {
+ "maximum": 1,
+ "minimum": 0,
"type": "number"
},
- "South": {
- "maximum": 90,
- "minimum": -90,
- "type": "number"
+ "NullDataSettings": {
+ "$ref": "#/definitions/GeospatialNullDataSettings"
},
- "West": {
- "maximum": 1800,
- "minimum": -1800,
- "type": "number"
+ "NullDataVisibility": {
+ "$ref": "#/definitions/Visibility"
}
},
"required": [
- "East",
- "North",
- "South",
- "West"
+ "CategoryDataColors"
],
"type": "object"
},
- "GeospatialHeatmapColorScale": {
+ "GeospatialCategoricalDataColor": {
"additionalProperties": false,
"properties": {
- "Colors": {
- "items": {
- "$ref": "#/definitions/GeospatialHeatmapDataColor"
- },
- "maxItems": 2,
- "minItems": 2,
- "type": "array"
+ "Color": {
+ "pattern": "^#[A-F0-9]{6}(?:[A-F0-9]{2})?$",
+ "type": "string"
+ },
+ "DataValue": {
+ "type": "string"
}
},
+ "required": [
+ "Color",
+ "DataValue"
+ ],
"type": "object"
},
- "GeospatialHeatmapConfiguration": {
+ "GeospatialCircleRadius": {
"additionalProperties": false,
"properties": {
- "HeatmapColor": {
- "$ref": "#/definitions/GeospatialHeatmapColorScale"
+ "Radius": {
+ "minimum": 0,
+ "type": "number"
}
},
"type": "object"
},
- "GeospatialHeatmapDataColor": {
+ "GeospatialCircleSymbolStyle": {
"additionalProperties": false,
"properties": {
- "Color": {
- "pattern": "^#[A-F0-9]{6}$",
- "type": "string"
+ "CircleRadius": {
+ "$ref": "#/definitions/GeospatialCircleRadius"
+ },
+ "FillColor": {
+ "$ref": "#/definitions/GeospatialColor"
+ },
+ "StrokeColor": {
+ "$ref": "#/definitions/GeospatialColor"
+ },
+ "StrokeWidth": {
+ "$ref": "#/definitions/GeospatialLineWidth"
}
},
- "required": [
- "Color"
- ],
"type": "object"
},
- "GeospatialMapAggregatedFieldWells": {
+ "GeospatialColor": {
"additionalProperties": false,
"properties": {
- "Colors": {
- "items": {
- "$ref": "#/definitions/DimensionField"
+ "Categorical": {
+ "$ref": "#/definitions/GeospatialCategoricalColor"
+ },
+ "Gradient": {
+ "$ref": "#/definitions/GeospatialGradientColor"
+ },
+ "Solid": {
+ "$ref": "#/definitions/GeospatialSolidColor"
+ }
+ },
+ "type": "object"
+ },
+ "GeospatialColorState": {
+ "description": "Defines view state of the color",
+ "enum": [
+ "ENABLED",
+ "DISABLED"
+ ],
+ "type": "string"
+ },
+ "GeospatialCoordinateBounds": {
+ "additionalProperties": false,
+ "properties": {
+ "East": {
+ "maximum": 1800,
+ "minimum": -1800,
+ "type": "number"
+ },
+ "North": {
+ "maximum": 90,
+ "minimum": -90,
+ "type": "number"
+ },
+ "South": {
+ "maximum": 90,
+ "minimum": -90,
+ "type": "number"
+ },
+ "West": {
+ "maximum": 1800,
+ "minimum": -1800,
+ "type": "number"
+ }
+ },
+ "required": [
+ "East",
+ "North",
+ "South",
+ "West"
+ ],
+ "type": "object"
+ },
+ "GeospatialDataSourceItem": {
+ "additionalProperties": false,
+ "properties": {
+ "StaticFileDataSource": {
+ "$ref": "#/definitions/GeospatialStaticFileSource"
+ }
+ },
+ "type": "object"
+ },
+ "GeospatialGradientColor": {
+ "additionalProperties": false,
+ "properties": {
+ "DefaultOpacity": {
+ "maximum": 1,
+ "minimum": 0,
+ "type": "number"
+ },
+ "NullDataSettings": {
+ "$ref": "#/definitions/GeospatialNullDataSettings"
+ },
+ "NullDataVisibility": {
+ "$ref": "#/definitions/Visibility"
+ },
+ "StepColors": {
+ "items": {
+ "$ref": "#/definitions/GeospatialGradientStepColor"
+ },
+ "maxItems": 3,
+ "minItems": 2,
+ "type": "array"
+ }
+ },
+ "required": [
+ "StepColors"
+ ],
+ "type": "object"
+ },
+ "GeospatialGradientStepColor": {
+ "additionalProperties": false,
+ "properties": {
+ "Color": {
+ "pattern": "^#[A-F0-9]{6}(?:[A-F0-9]{2})?$",
+ "type": "string"
+ },
+ "DataValue": {
+ "default": 0,
+ "type": "number"
+ }
+ },
+ "required": [
+ "Color",
+ "DataValue"
+ ],
+ "type": "object"
+ },
+ "GeospatialHeatmapColorScale": {
+ "additionalProperties": false,
+ "properties": {
+ "Colors": {
+ "items": {
+ "$ref": "#/definitions/GeospatialHeatmapDataColor"
+ },
+ "maxItems": 2,
+ "minItems": 2,
+ "type": "array"
+ }
+ },
+ "type": "object"
+ },
+ "GeospatialHeatmapConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "HeatmapColor": {
+ "$ref": "#/definitions/GeospatialHeatmapColorScale"
+ }
+ },
+ "type": "object"
+ },
+ "GeospatialHeatmapDataColor": {
+ "additionalProperties": false,
+ "properties": {
+ "Color": {
+ "pattern": "^#[A-F0-9]{6}$",
+ "type": "string"
+ }
+ },
+ "required": [
+ "Color"
+ ],
+ "type": "object"
+ },
+ "GeospatialLayerColorField": {
+ "additionalProperties": false,
+ "properties": {
+ "ColorDimensionsFields": {
+ "items": {
+ "$ref": "#/definitions/DimensionField"
+ },
+ "maxItems": 1,
+ "minItems": 0,
+ "type": "array"
+ },
+ "ColorValuesFields": {
+ "items": {
+ "$ref": "#/definitions/MeasureField"
+ },
+ "maxItems": 1,
+ "minItems": 0,
+ "type": "array"
+ }
+ },
+ "type": "object"
+ },
+ "GeospatialLayerDefinition": {
+ "additionalProperties": false,
+ "properties": {
+ "LineLayer": {
+ "$ref": "#/definitions/GeospatialLineLayer"
+ },
+ "PointLayer": {
+ "$ref": "#/definitions/GeospatialPointLayer"
+ },
+ "PolygonLayer": {
+ "$ref": "#/definitions/GeospatialPolygonLayer"
+ }
+ },
+ "type": "object"
+ },
+ "GeospatialLayerItem": {
+ "additionalProperties": false,
+ "properties": {
+ "Actions": {
+ "items": {
+ "$ref": "#/definitions/LayerCustomAction"
+ },
+ "maxItems": 10,
+ "minItems": 0,
+ "type": "array"
+ },
+ "DataSource": {
+ "$ref": "#/definitions/GeospatialDataSourceItem"
+ },
+ "JoinDefinition": {
+ "$ref": "#/definitions/GeospatialLayerJoinDefinition"
+ },
+ "Label": {
+ "type": "string"
+ },
+ "LayerDefinition": {
+ "$ref": "#/definitions/GeospatialLayerDefinition"
+ },
+ "LayerId": {
+ "type": "string"
+ },
+ "LayerType": {
+ "$ref": "#/definitions/GeospatialLayerType"
+ },
+ "Tooltip": {
+ "$ref": "#/definitions/TooltipOptions"
+ },
+ "Visibility": {
+ "$ref": "#/definitions/Visibility"
+ }
+ },
+ "required": [
+ "LayerId"
+ ],
+ "type": "object"
+ },
+ "GeospatialLayerJoinDefinition": {
+ "additionalProperties": false,
+ "properties": {
+ "ColorField": {
+ "$ref": "#/definitions/GeospatialLayerColorField"
+ },
+ "DatasetKeyField": {
+ "$ref": "#/definitions/UnaggregatedField"
+ },
+ "ShapeKeyField": {
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "GeospatialLayerMapConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
+ "Legend": {
+ "$ref": "#/definitions/LegendOptions"
+ },
+ "MapLayers": {
+ "items": {
+ "$ref": "#/definitions/GeospatialLayerItem"
+ },
+ "type": "array"
+ },
+ "MapState": {
+ "$ref": "#/definitions/GeospatialMapState"
+ },
+ "MapStyle": {
+ "$ref": "#/definitions/GeospatialMapStyle"
+ }
+ },
+ "type": "object"
+ },
+ "GeospatialLayerType": {
+ "enum": [
+ "POINT",
+ "LINE",
+ "POLYGON"
+ ],
+ "type": "string"
+ },
+ "GeospatialLineLayer": {
+ "additionalProperties": false,
+ "properties": {
+ "Style": {
+ "$ref": "#/definitions/GeospatialLineStyle"
+ }
+ },
+ "required": [
+ "Style"
+ ],
+ "type": "object"
+ },
+ "GeospatialLineStyle": {
+ "additionalProperties": false,
+ "properties": {
+ "LineSymbolStyle": {
+ "$ref": "#/definitions/GeospatialLineSymbolStyle"
+ }
+ },
+ "type": "object"
+ },
+ "GeospatialLineSymbolStyle": {
+ "additionalProperties": false,
+ "properties": {
+ "FillColor": {
+ "$ref": "#/definitions/GeospatialColor"
+ },
+ "LineWidth": {
+ "$ref": "#/definitions/GeospatialLineWidth"
+ }
+ },
+ "type": "object"
+ },
+ "GeospatialLineWidth": {
+ "additionalProperties": false,
+ "properties": {
+ "LineWidth": {
+ "minimum": 0,
+ "type": "number"
+ }
+ },
+ "type": "object"
+ },
+ "GeospatialMapAggregatedFieldWells": {
+ "additionalProperties": false,
+ "properties": {
+ "Colors": {
+ "items": {
+ "$ref": "#/definitions/DimensionField"
},
"maxItems": 200,
"minItems": 0,
@@ -4703,6 +5288,9 @@
"FieldWells": {
"$ref": "#/definitions/GeospatialMapFieldWells"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"Legend": {
"$ref": "#/definitions/LegendOptions"
},
@@ -4733,6 +5321,41 @@
},
"type": "object"
},
+ "GeospatialMapNavigation": {
+ "enum": [
+ "ENABLED",
+ "DISABLED"
+ ],
+ "type": "string"
+ },
+ "GeospatialMapState": {
+ "additionalProperties": false,
+ "properties": {
+ "Bounds": {
+ "$ref": "#/definitions/GeospatialCoordinateBounds"
+ },
+ "MapNavigation": {
+ "$ref": "#/definitions/GeospatialMapNavigation"
+ }
+ },
+ "type": "object"
+ },
+ "GeospatialMapStyle": {
+ "additionalProperties": false,
+ "properties": {
+ "BackgroundColor": {
+ "pattern": "^#[A-F0-9]{6}(?:[A-F0-9]{2})?$",
+ "type": "string"
+ },
+ "BaseMapStyle": {
+ "$ref": "#/definitions/BaseMapStyleType"
+ },
+ "BaseMapVisibility": {
+ "$ref": "#/definitions/Visibility"
+ }
+ },
+ "type": "object"
+ },
"GeospatialMapStyleOptions": {
"additionalProperties": false,
"properties": {
@@ -4770,6 +5393,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -4782,6 +5410,57 @@
],
"type": "object"
},
+ "GeospatialNullDataSettings": {
+ "additionalProperties": false,
+ "properties": {
+ "SymbolStyle": {
+ "$ref": "#/definitions/GeospatialNullSymbolStyle"
+ }
+ },
+ "required": [
+ "SymbolStyle"
+ ],
+ "type": "object"
+ },
+ "GeospatialNullSymbolStyle": {
+ "additionalProperties": false,
+ "properties": {
+ "FillColor": {
+ "pattern": "^#[A-F0-9]{6}(?:[A-F0-9]{2})?$",
+ "type": "string"
+ },
+ "StrokeColor": {
+ "pattern": "^#[A-F0-9]{6}(?:[A-F0-9]{2})?$",
+ "type": "string"
+ },
+ "StrokeWidth": {
+ "minimum": 0,
+ "type": "number"
+ }
+ },
+ "type": "object"
+ },
+ "GeospatialPointLayer": {
+ "additionalProperties": false,
+ "properties": {
+ "Style": {
+ "$ref": "#/definitions/GeospatialPointStyle"
+ }
+ },
+ "required": [
+ "Style"
+ ],
+ "type": "object"
+ },
+ "GeospatialPointStyle": {
+ "additionalProperties": false,
+ "properties": {
+ "CircleSymbolStyle": {
+ "$ref": "#/definitions/GeospatialCircleSymbolStyle"
+ }
+ },
+ "type": "object"
+ },
"GeospatialPointStyleOptions": {
"additionalProperties": false,
"properties": {
@@ -4797,13 +5476,81 @@
},
"type": "object"
},
+ "GeospatialPolygonLayer": {
+ "additionalProperties": false,
+ "properties": {
+ "Style": {
+ "$ref": "#/definitions/GeospatialPolygonStyle"
+ }
+ },
+ "required": [
+ "Style"
+ ],
+ "type": "object"
+ },
+ "GeospatialPolygonStyle": {
+ "additionalProperties": false,
+ "properties": {
+ "PolygonSymbolStyle": {
+ "$ref": "#/definitions/GeospatialPolygonSymbolStyle"
+ }
+ },
+ "type": "object"
+ },
+ "GeospatialPolygonSymbolStyle": {
+ "additionalProperties": false,
+ "properties": {
+ "FillColor": {
+ "$ref": "#/definitions/GeospatialColor"
+ },
+ "StrokeColor": {
+ "$ref": "#/definitions/GeospatialColor"
+ },
+ "StrokeWidth": {
+ "$ref": "#/definitions/GeospatialLineWidth"
+ }
+ },
+ "type": "object"
+ },
"GeospatialSelectedPointStyle": {
"enum": [
"POINT",
"CLUSTER",
"HEATMAP"
],
- "type": "string"
+ "type": "string"
+ },
+ "GeospatialSolidColor": {
+ "additionalProperties": false,
+ "description": "Describes the properties for a solid color",
+ "properties": {
+ "Color": {
+ "pattern": "^#[A-F0-9]{6}(?:[A-F0-9]{2})?$",
+ "type": "string"
+ },
+ "State": {
+ "$ref": "#/definitions/GeospatialColorState"
+ }
+ },
+ "required": [
+ "Color"
+ ],
+ "type": "object"
+ },
+ "GeospatialStaticFileSource": {
+ "additionalProperties": false,
+ "properties": {
+ "StaticFileId": {
+ "maxLength": 512,
+ "minLength": 1,
+ "pattern": "^[\\w\\-]+$",
+ "type": "string"
+ }
+ },
+ "required": [
+ "StaticFileId"
+ ],
+ "type": "object"
},
"GeospatialWindowOptions": {
"additionalProperties": false,
@@ -5047,6 +5794,9 @@
"FieldWells": {
"$ref": "#/definitions/HeatMapFieldWells"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"Legend": {
"$ref": "#/definitions/LegendOptions"
},
@@ -5127,6 +5877,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -5191,6 +5946,9 @@
"FieldWells": {
"$ref": "#/definitions/HistogramFieldWells"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"Tooltip": {
"$ref": "#/definitions/TooltipOptions"
},
@@ -5238,6 +5996,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -5290,6 +6053,110 @@
],
"type": "string"
},
+ "ImageCustomAction": {
+ "additionalProperties": false,
+ "properties": {
+ "ActionOperations": {
+ "items": {
+ "$ref": "#/definitions/ImageCustomActionOperation"
+ },
+ "maxItems": 2,
+ "minItems": 1,
+ "type": "array"
+ },
+ "CustomActionId": {
+ "maxLength": 512,
+ "minLength": 1,
+ "pattern": "^[\\w\\-]+$",
+ "type": "string"
+ },
+ "Name": {
+ "maxLength": 256,
+ "minLength": 1,
+ "type": "string"
+ },
+ "Status": {
+ "$ref": "#/definitions/WidgetStatus"
+ },
+ "Trigger": {
+ "$ref": "#/definitions/ImageCustomActionTrigger"
+ }
+ },
+ "required": [
+ "ActionOperations",
+ "CustomActionId",
+ "Name",
+ "Trigger"
+ ],
+ "type": "object"
+ },
+ "ImageCustomActionOperation": {
+ "additionalProperties": false,
+ "properties": {
+ "NavigationOperation": {
+ "$ref": "#/definitions/CustomActionNavigationOperation"
+ },
+ "SetParametersOperation": {
+ "$ref": "#/definitions/CustomActionSetParametersOperation"
+ },
+ "URLOperation": {
+ "$ref": "#/definitions/CustomActionURLOperation"
+ }
+ },
+ "type": "object"
+ },
+ "ImageCustomActionTrigger": {
+ "enum": [
+ "CLICK",
+ "MENU"
+ ],
+ "type": "string"
+ },
+ "ImageInteractionOptions": {
+ "additionalProperties": false,
+ "properties": {
+ "ImageMenuOption": {
+ "$ref": "#/definitions/ImageMenuOption"
+ }
+ },
+ "type": "object"
+ },
+ "ImageMenuOption": {
+ "additionalProperties": false,
+ "properties": {
+ "AvailabilityStatus": {
+ "$ref": "#/definitions/DashboardBehavior"
+ }
+ },
+ "type": "object"
+ },
+ "ImageStaticFile": {
+ "additionalProperties": false,
+ "properties": {
+ "Source": {
+ "$ref": "#/definitions/StaticFileSource"
+ },
+ "StaticFileId": {
+ "maxLength": 512,
+ "minLength": 1,
+ "pattern": "^[\\w\\-]+$",
+ "type": "string"
+ }
+ },
+ "required": [
+ "StaticFileId"
+ ],
+ "type": "object"
+ },
+ "InnerFilter": {
+ "additionalProperties": false,
+ "properties": {
+ "CategoryInnerFilter": {
+ "$ref": "#/definitions/CategoryInnerFilter"
+ }
+ },
+ "type": "object"
+ },
"InsightConfiguration": {
"additionalProperties": false,
"properties": {
@@ -5303,6 +6170,9 @@
},
"CustomNarrative": {
"$ref": "#/definitions/CustomNarrativeOptions"
+ },
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
}
},
"type": "object"
@@ -5332,6 +6202,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -5507,6 +6382,9 @@
"FieldWells": {
"$ref": "#/definitions/KPIFieldWells"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"KPIOptions": {
"$ref": "#/definitions/KPIOptions"
},
@@ -5631,42 +6509,181 @@
"$ref": "#/definitions/Visibility"
}
},
- "required": [
- "Type"
- ],
+ "required": [
+ "Type"
+ ],
+ "type": "object"
+ },
+ "KPISparklineType": {
+ "enum": [
+ "LINE",
+ "AREA"
+ ],
+ "type": "string"
+ },
+ "KPIVisual": {
+ "additionalProperties": false,
+ "properties": {
+ "Actions": {
+ "items": {
+ "$ref": "#/definitions/VisualCustomAction"
+ },
+ "maxItems": 10,
+ "minItems": 0,
+ "type": "array"
+ },
+ "ChartConfiguration": {
+ "$ref": "#/definitions/KPIConfiguration"
+ },
+ "ColumnHierarchies": {
+ "items": {
+ "$ref": "#/definitions/ColumnHierarchy"
+ },
+ "maxItems": 2,
+ "minItems": 0,
+ "type": "array"
+ },
+ "ConditionalFormatting": {
+ "$ref": "#/definitions/KPIConditionalFormatting"
+ },
+ "Subtitle": {
+ "$ref": "#/definitions/VisualSubtitleLabelOptions"
+ },
+ "Title": {
+ "$ref": "#/definitions/VisualTitleLabelOptions"
+ },
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
+ "VisualId": {
+ "maxLength": 512,
+ "minLength": 1,
+ "pattern": "^[\\w\\-]+$",
+ "type": "string"
+ }
+ },
+ "required": [
+ "VisualId"
+ ],
+ "type": "object"
+ },
+ "KPIVisualLayoutOptions": {
+ "additionalProperties": false,
+ "properties": {
+ "StandardLayout": {
+ "$ref": "#/definitions/KPIVisualStandardLayout"
+ }
+ },
+ "type": "object"
+ },
+ "KPIVisualStandardLayout": {
+ "additionalProperties": false,
+ "properties": {
+ "Type": {
+ "$ref": "#/definitions/KPIVisualStandardLayoutType"
+ }
+ },
+ "required": [
+ "Type"
+ ],
+ "type": "object"
+ },
+ "KPIVisualStandardLayoutType": {
+ "enum": [
+ "CLASSIC",
+ "VERTICAL"
+ ],
+ "type": "string"
+ },
+ "LabelOptions": {
+ "additionalProperties": false,
+ "properties": {
+ "CustomLabel": {
+ "type": "string"
+ },
+ "FontConfiguration": {
+ "$ref": "#/definitions/FontConfiguration"
+ },
+ "Visibility": {
+ "$ref": "#/definitions/Visibility"
+ }
+ },
+ "type": "object"
+ },
+ "LayerCustomAction": {
+ "additionalProperties": false,
+ "properties": {
+ "ActionOperations": {
+ "items": {
+ "$ref": "#/definitions/LayerCustomActionOperation"
+ },
+ "maxItems": 2,
+ "minItems": 1,
+ "type": "array"
+ },
+ "CustomActionId": {
+ "maxLength": 512,
+ "minLength": 1,
+ "pattern": "^[\\w\\-]+$",
+ "type": "string"
+ },
+ "Name": {
+ "maxLength": 256,
+ "minLength": 1,
+ "type": "string"
+ },
+ "Status": {
+ "$ref": "#/definitions/WidgetStatus"
+ },
+ "Trigger": {
+ "$ref": "#/definitions/LayerCustomActionTrigger"
+ }
+ },
+ "required": [
+ "ActionOperations",
+ "CustomActionId",
+ "Name",
+ "Trigger"
+ ],
+ "type": "object"
+ },
+ "LayerCustomActionOperation": {
+ "additionalProperties": false,
+ "properties": {
+ "FilterOperation": {
+ "$ref": "#/definitions/CustomActionFilterOperation"
+ },
+ "NavigationOperation": {
+ "$ref": "#/definitions/CustomActionNavigationOperation"
+ },
+ "SetParametersOperation": {
+ "$ref": "#/definitions/CustomActionSetParametersOperation"
+ },
+ "URLOperation": {
+ "$ref": "#/definitions/CustomActionURLOperation"
+ }
+ },
"type": "object"
},
- "KPISparklineType": {
+ "LayerCustomActionTrigger": {
"enum": [
- "LINE",
- "AREA"
+ "DATA_POINT_CLICK",
+ "DATA_POINT_MENU"
],
"type": "string"
},
- "KPIVisual": {
+ "LayerMapVisual": {
"additionalProperties": false,
"properties": {
- "Actions": {
- "items": {
- "$ref": "#/definitions/VisualCustomAction"
- },
- "maxItems": 10,
- "minItems": 0,
- "type": "array"
- },
"ChartConfiguration": {
- "$ref": "#/definitions/KPIConfiguration"
- },
- "ColumnHierarchies": {
- "items": {
- "$ref": "#/definitions/ColumnHierarchy"
- },
- "maxItems": 2,
- "minItems": 0,
- "type": "array"
+ "$ref": "#/definitions/GeospatialLayerMapConfiguration"
},
- "ConditionalFormatting": {
- "$ref": "#/definitions/KPIConditionalFormatting"
+ "DataSetIdentifier": {
+ "maxLength": 2048,
+ "minLength": 1,
+ "type": "string"
},
"Subtitle": {
"$ref": "#/definitions/VisualSubtitleLabelOptions"
@@ -5674,6 +6691,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -5682,53 +6704,11 @@
}
},
"required": [
+ "DataSetIdentifier",
"VisualId"
],
"type": "object"
},
- "KPIVisualLayoutOptions": {
- "additionalProperties": false,
- "properties": {
- "StandardLayout": {
- "$ref": "#/definitions/KPIVisualStandardLayout"
- }
- },
- "type": "object"
- },
- "KPIVisualStandardLayout": {
- "additionalProperties": false,
- "properties": {
- "Type": {
- "$ref": "#/definitions/KPIVisualStandardLayoutType"
- }
- },
- "required": [
- "Type"
- ],
- "type": "object"
- },
- "KPIVisualStandardLayoutType": {
- "enum": [
- "CLASSIC",
- "VERTICAL"
- ],
- "type": "string"
- },
- "LabelOptions": {
- "additionalProperties": false,
- "properties": {
- "CustomLabel": {
- "type": "string"
- },
- "FontConfiguration": {
- "$ref": "#/definitions/FontConfiguration"
- },
- "Visibility": {
- "$ref": "#/definitions/Visibility"
- }
- },
- "type": "object"
- },
"Layout": {
"additionalProperties": false,
"properties": {
@@ -5761,7 +6741,8 @@
"VISUAL",
"FILTER_CONTROL",
"PARAMETER_CONTROL",
- "TEXT_BOX"
+ "TEXT_BOX",
+ "IMAGE"
],
"type": "string"
},
@@ -5778,6 +6759,9 @@
"Title": {
"$ref": "#/definitions/LabelOptions"
},
+ "ValueFontConfiguration": {
+ "$ref": "#/definitions/FontConfiguration"
+ },
"Visibility": {
"$ref": "#/definitions/Visibility"
},
@@ -5863,6 +6847,9 @@
"minItems": 0,
"type": "array"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"Legend": {
"$ref": "#/definitions/LegendOptions"
},
@@ -5894,6 +6881,9 @@
"minItems": 0,
"type": "array"
},
+ "SingleAxisOptions": {
+ "$ref": "#/definitions/SingleAxisOptions"
+ },
"SmallMultiplesOptions": {
"$ref": "#/definitions/SmallMultiplesOptions"
},
@@ -6078,6 +7068,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -6367,6 +7362,34 @@
],
"type": "string"
},
+ "NestedFilter": {
+ "additionalProperties": false,
+ "properties": {
+ "Column": {
+ "$ref": "#/definitions/ColumnIdentifier"
+ },
+ "FilterId": {
+ "maxLength": 512,
+ "minLength": 1,
+ "pattern": "^[\\w\\-]+$",
+ "type": "string"
+ },
+ "IncludeInnerSet": {
+ "default": false,
+ "type": "boolean"
+ },
+ "InnerFilter": {
+ "$ref": "#/definitions/InnerFilter"
+ }
+ },
+ "required": [
+ "Column",
+ "FilterId",
+ "IncludeInnerSet",
+ "InnerFilter"
+ ],
+ "type": "object"
+ },
"NullValueFormatConfiguration": {
"additionalProperties": false,
"properties": {
@@ -6428,7 +7451,9 @@
"THOUSANDS",
"MILLIONS",
"BILLIONS",
- "TRILLIONS"
+ "TRILLIONS",
+ "LAKHS",
+ "CRORES"
],
"type": "string"
},
@@ -6866,6 +7891,9 @@
"CascadingControlConfiguration": {
"$ref": "#/definitions/CascadingControlConfiguration"
},
+ "CommitMode": {
+ "$ref": "#/definitions/CommitMode"
+ },
"DisplayOptions": {
"$ref": "#/definitions/DropDownControlDisplayOptions"
},
@@ -7281,6 +8309,9 @@
"FieldWells": {
"$ref": "#/definitions/PieChartFieldWells"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"Legend": {
"$ref": "#/definitions/LegendOptions"
},
@@ -7367,6 +8398,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -7504,6 +8540,9 @@
"FieldWells": {
"$ref": "#/definitions/PivotTableFieldWells"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"PaginatedReportOptions": {
"$ref": "#/definitions/PivotTablePaginatedReportOptions"
},
@@ -7822,6 +8861,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -7853,18 +8897,171 @@
"items": {
"$ref": "#/definitions/TotalAggregationOption"
},
- "maxItems": 200,
+ "maxItems": 200,
+ "minItems": 0,
+ "type": "array"
+ },
+ "TotalCellStyle": {
+ "$ref": "#/definitions/TableCellStyle"
+ },
+ "TotalsVisibility": {
+ "$ref": "#/definitions/Visibility"
+ },
+ "ValueCellStyle": {
+ "$ref": "#/definitions/TableCellStyle"
+ }
+ },
+ "type": "object"
+ },
+ "PluginVisual": {
+ "additionalProperties": false,
+ "properties": {
+ "ChartConfiguration": {
+ "$ref": "#/definitions/PluginVisualConfiguration"
+ },
+ "PluginArn": {
+ "type": "string"
+ },
+ "Subtitle": {
+ "$ref": "#/definitions/VisualSubtitleLabelOptions"
+ },
+ "Title": {
+ "$ref": "#/definitions/VisualTitleLabelOptions"
+ },
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
+ "VisualId": {
+ "maxLength": 512,
+ "minLength": 1,
+ "pattern": "^[\\w\\-]+$",
+ "type": "string"
+ }
+ },
+ "required": [
+ "PluginArn",
+ "VisualId"
+ ],
+ "type": "object"
+ },
+ "PluginVisualAxisName": {
+ "enum": [
+ "GROUP_BY",
+ "VALUE"
+ ],
+ "type": "string"
+ },
+ "PluginVisualConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "FieldWells": {
+ "items": {
+ "$ref": "#/definitions/PluginVisualFieldWell"
+ },
+ "maxItems": 10,
+ "minItems": 0,
+ "type": "array"
+ },
+ "SortConfiguration": {
+ "$ref": "#/definitions/PluginVisualSortConfiguration"
+ },
+ "VisualOptions": {
+ "$ref": "#/definitions/PluginVisualOptions"
+ }
+ },
+ "type": "object"
+ },
+ "PluginVisualFieldWell": {
+ "additionalProperties": false,
+ "properties": {
+ "AxisName": {
+ "$ref": "#/definitions/PluginVisualAxisName"
+ },
+ "Dimensions": {
+ "items": {
+ "$ref": "#/definitions/DimensionField"
+ },
+ "maxItems": 200,
+ "minItems": 0,
+ "type": "array"
+ },
+ "Measures": {
+ "items": {
+ "$ref": "#/definitions/MeasureField"
+ },
+ "maxItems": 200,
+ "minItems": 0,
+ "type": "array"
+ },
+ "Unaggregated": {
+ "items": {
+ "$ref": "#/definitions/UnaggregatedField"
+ },
+ "maxItems": 200,
+ "minItems": 0,
+ "type": "array"
+ }
+ },
+ "type": "object"
+ },
+ "PluginVisualItemsLimitConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "ItemsLimit": {
+ "default": null,
+ "type": "number"
+ }
+ },
+ "type": "object"
+ },
+ "PluginVisualOptions": {
+ "additionalProperties": false,
+ "properties": {
+ "VisualProperties": {
+ "items": {
+ "$ref": "#/definitions/PluginVisualProperty"
+ },
+ "type": "array"
+ }
+ },
+ "type": "object"
+ },
+ "PluginVisualProperty": {
+ "additionalProperties": false,
+ "properties": {
+ "Name": {
+ "type": "string"
+ },
+ "Value": {
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "PluginVisualSortConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "PluginVisualTableQuerySort": {
+ "$ref": "#/definitions/PluginVisualTableQuerySort"
+ }
+ },
+ "type": "object"
+ },
+ "PluginVisualTableQuerySort": {
+ "additionalProperties": false,
+ "properties": {
+ "ItemsLimitConfiguration": {
+ "$ref": "#/definitions/PluginVisualItemsLimitConfiguration"
+ },
+ "RowSort": {
+ "items": {
+ "$ref": "#/definitions/FieldSortOptions"
+ },
+ "maxItems": 100,
"minItems": 0,
"type": "array"
- },
- "TotalCellStyle": {
- "$ref": "#/definitions/TableCellStyle"
- },
- "TotalsVisibility": {
- "$ref": "#/definitions/Visibility"
- },
- "ValueCellStyle": {
- "$ref": "#/definitions/TableCellStyle"
}
},
"type": "object"
@@ -7999,6 +9196,9 @@
"FieldWells": {
"$ref": "#/definitions/RadarChartFieldWells"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"Legend": {
"$ref": "#/definitions/LegendOptions"
},
@@ -8100,6 +9300,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -8527,6 +9732,9 @@
"FieldWells": {
"$ref": "#/definitions/SankeyDiagramFieldWells"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"SortConfiguration": {
"$ref": "#/definitions/SankeyDiagramSortConfiguration"
}
@@ -8582,6 +9790,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -8649,9 +9862,15 @@
"FieldWells": {
"$ref": "#/definitions/ScatterPlotFieldWells"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"Legend": {
"$ref": "#/definitions/LegendOptions"
},
+ "SortConfiguration": {
+ "$ref": "#/definitions/ScatterPlotSortConfiguration"
+ },
"Tooltip": {
"$ref": "#/definitions/TooltipOptions"
},
@@ -8685,6 +9904,15 @@
},
"type": "object"
},
+ "ScatterPlotSortConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "ScatterPlotLimitConfiguration": {
+ "$ref": "#/definitions/ItemsLimitConfiguration"
+ }
+ },
+ "type": "object"
+ },
"ScatterPlotUnaggregatedFieldWells": {
"additionalProperties": false,
"properties": {
@@ -8759,6 +9987,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -9093,6 +10326,14 @@
"minItems": 0,
"type": "array"
},
+ "Images": {
+ "items": {
+ "$ref": "#/definitions/SheetImage"
+ },
+ "maxItems": 10,
+ "minItems": 0,
+ "type": "array"
+ },
"Layouts": {
"items": {
"$ref": "#/definitions/Layout"
@@ -9182,6 +10423,112 @@
],
"type": "object"
},
+ "SheetImage": {
+ "additionalProperties": false,
+ "properties": {
+ "Actions": {
+ "items": {
+ "$ref": "#/definitions/ImageCustomAction"
+ },
+ "maxItems": 10,
+ "minItems": 0,
+ "type": "array"
+ },
+ "ImageContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
+ "Interactions": {
+ "$ref": "#/definitions/ImageInteractionOptions"
+ },
+ "Scaling": {
+ "$ref": "#/definitions/SheetImageScalingConfiguration"
+ },
+ "SheetImageId": {
+ "maxLength": 512,
+ "minLength": 1,
+ "pattern": "^[\\w\\-]+$",
+ "type": "string"
+ },
+ "Source": {
+ "$ref": "#/definitions/SheetImageSource"
+ },
+ "Tooltip": {
+ "$ref": "#/definitions/SheetImageTooltipConfiguration"
+ }
+ },
+ "required": [
+ "SheetImageId",
+ "Source"
+ ],
+ "type": "object"
+ },
+ "SheetImageScalingConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "ScalingType": {
+ "$ref": "#/definitions/SheetImageScalingType"
+ }
+ },
+ "type": "object"
+ },
+ "SheetImageScalingType": {
+ "enum": [
+ "SCALE_TO_WIDTH",
+ "SCALE_TO_HEIGHT",
+ "SCALE_TO_CONTAINER",
+ "SCALE_NONE"
+ ],
+ "type": "string"
+ },
+ "SheetImageSource": {
+ "additionalProperties": false,
+ "properties": {
+ "SheetImageStaticFileSource": {
+ "$ref": "#/definitions/SheetImageStaticFileSource"
+ }
+ },
+ "type": "object"
+ },
+ "SheetImageStaticFileSource": {
+ "additionalProperties": false,
+ "properties": {
+ "StaticFileId": {
+ "maxLength": 512,
+ "minLength": 1,
+ "pattern": "^[\\w\\-]+$",
+ "type": "string"
+ }
+ },
+ "required": [
+ "StaticFileId"
+ ],
+ "type": "object"
+ },
+ "SheetImageTooltipConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "TooltipText": {
+ "$ref": "#/definitions/SheetImageTooltipText"
+ },
+ "Visibility": {
+ "$ref": "#/definitions/Visibility"
+ }
+ },
+ "type": "object"
+ },
+ "SheetImageTooltipText": {
+ "additionalProperties": false,
+ "properties": {
+ "PlainText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
"SheetLayoutElementMaximizationOption": {
"additionalProperties": false,
"description": "The sheet layout maximization options of a dashbaord.
",
@@ -9301,6 +10648,21 @@
],
"type": "string"
},
+ "SingleAxisOptions": {
+ "additionalProperties": false,
+ "properties": {
+ "YAxisOptions": {
+ "$ref": "#/definitions/YAxisOptions"
+ }
+ },
+ "type": "object"
+ },
+ "SingleYAxisOption": {
+ "enum": [
+ "PRIMARY_Y_AXIS"
+ ],
+ "type": "string"
+ },
"SliderControlDisplayOptions": {
"additionalProperties": false,
"properties": {
@@ -9393,6 +10755,24 @@
},
"type": "object"
},
+ "SpatialStaticFile": {
+ "additionalProperties": false,
+ "properties": {
+ "Source": {
+ "$ref": "#/definitions/StaticFileSource"
+ },
+ "StaticFileId": {
+ "maxLength": 512,
+ "minLength": 1,
+ "pattern": "^[\\w\\-]+$",
+ "type": "string"
+ }
+ },
+ "required": [
+ "StaticFileId"
+ ],
+ "type": "object"
+ },
"SpecialValue": {
"enum": [
"EMPTY",
@@ -9401,6 +10781,62 @@
],
"type": "string"
},
+ "StaticFile": {
+ "additionalProperties": false,
+ "properties": {
+ "ImageStaticFile": {
+ "$ref": "#/definitions/ImageStaticFile"
+ },
+ "SpatialStaticFile": {
+ "$ref": "#/definitions/SpatialStaticFile"
+ }
+ },
+ "type": "object"
+ },
+ "StaticFileS3SourceOptions": {
+ "additionalProperties": false,
+ "properties": {
+ "BucketName": {
+ "type": "string"
+ },
+ "ObjectKey": {
+ "type": "string"
+ },
+ "Region": {
+ "type": "string"
+ }
+ },
+ "required": [
+ "BucketName",
+ "ObjectKey",
+ "Region"
+ ],
+ "type": "object"
+ },
+ "StaticFileSource": {
+ "additionalProperties": false,
+ "properties": {
+ "S3Options": {
+ "$ref": "#/definitions/StaticFileS3SourceOptions"
+ },
+ "UrlOptions": {
+ "$ref": "#/definitions/StaticFileUrlSourceOptions"
+ }
+ },
+ "type": "object"
+ },
+ "StaticFileUrlSourceOptions": {
+ "additionalProperties": false,
+ "properties": {
+ "Url": {
+ "type": "string"
+ }
+ },
+ "required": [
+ "Url"
+ ],
+ "type": "object"
+ },
"StringDefaultValues": {
"additionalProperties": false,
"properties": {
@@ -9695,6 +11131,9 @@
"FieldWells": {
"$ref": "#/definitions/TableFieldWells"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"PaginatedReportOptions": {
"$ref": "#/definitions/TablePaginatedReportOptions"
},
@@ -9837,6 +11276,14 @@
"maxItems": 100,
"minItems": 0,
"type": "array"
+ },
+ "TransposedTableOptions": {
+ "items": {
+ "$ref": "#/definitions/TransposedTableOption"
+ },
+ "maxItems": 10001,
+ "minItems": 0,
+ "type": "array"
}
},
"type": "object"
@@ -10044,6 +11491,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -10149,6 +11601,9 @@
"ThousandSeparatorOptions": {
"additionalProperties": false,
"properties": {
+ "GroupingStyle": {
+ "$ref": "#/definitions/DigitGroupingStyle"
+ },
"Symbol": {
"$ref": "#/definitions/NumericSeparatorSymbol"
},
@@ -10362,6 +11817,14 @@
},
"type": "object"
},
+ "TooltipTarget": {
+ "enum": [
+ "BOTH",
+ "BAR",
+ "LINE"
+ ],
+ "type": "string"
+ },
"TooltipTitleType": {
"enum": [
"NONE",
@@ -10578,6 +12041,34 @@
},
"type": "object"
},
+ "TransposedColumnType": {
+ "enum": [
+ "ROW_HEADER_COLUMN",
+ "VALUE_COLUMN"
+ ],
+ "type": "string"
+ },
+ "TransposedTableOption": {
+ "additionalProperties": false,
+ "properties": {
+ "ColumnIndex": {
+ "maximum": 9999,
+ "minimum": 0,
+ "type": "number"
+ },
+ "ColumnType": {
+ "$ref": "#/definitions/TransposedColumnType"
+ },
+ "ColumnWidth": {
+ "description": "String based length that is composed of value and unit in px",
+ "type": "string"
+ }
+ },
+ "required": [
+ "ColumnType"
+ ],
+ "type": "object"
+ },
"TreeMapAggregatedFieldWells": {
"additionalProperties": false,
"properties": {
@@ -10626,6 +12117,9 @@
"GroupLabelOptions": {
"$ref": "#/definitions/ChartAxisLabelOptions"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"Legend": {
"$ref": "#/definitions/LegendOptions"
},
@@ -10695,6 +12189,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -10860,6 +12359,9 @@
"KPIVisual": {
"$ref": "#/definitions/KPIVisual"
},
+ "LayerMapVisual": {
+ "$ref": "#/definitions/LayerMapVisual"
+ },
"LineChartVisual": {
"$ref": "#/definitions/LineChartVisual"
},
@@ -10869,6 +12371,9 @@
"PivotTableVisual": {
"$ref": "#/definitions/PivotTableVisual"
},
+ "PluginVisual": {
+ "$ref": "#/definitions/PluginVisual"
+ },
"RadarChartVisual": {
"$ref": "#/definitions/RadarChartVisual"
},
@@ -10964,6 +12469,18 @@
],
"type": "string"
},
+ "VisualInteractionOptions": {
+ "additionalProperties": false,
+ "properties": {
+ "ContextMenuOption": {
+ "$ref": "#/definitions/ContextMenuOption"
+ },
+ "VisualMenuOption": {
+ "$ref": "#/definitions/VisualMenuOption"
+ }
+ },
+ "type": "object"
+ },
"VisualMenuOption": {
"additionalProperties": false,
"properties": {
@@ -11072,6 +12589,9 @@
"FieldWells": {
"$ref": "#/definitions/WaterfallChartFieldWells"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"Legend": {
"$ref": "#/definitions/LegendOptions"
},
@@ -11174,6 +12694,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -11265,6 +12790,9 @@
"FieldWells": {
"$ref": "#/definitions/WordCloudFieldWells"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"SortConfiguration": {
"$ref": "#/definitions/WordCloudSortConfiguration"
},
@@ -11361,6 +12889,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -11402,6 +12935,18 @@
"NORMAL"
],
"type": "string"
+ },
+ "YAxisOptions": {
+ "additionalProperties": false,
+ "properties": {
+ "YAxis": {
+ "$ref": "#/definitions/SingleYAxisOption"
+ }
+ },
+ "required": [
+ "YAxis"
+ ],
+ "type": "object"
}
},
"description": "Definition of the AWS::QuickSight::Dashboard Resource Type.",
@@ -11416,7 +12961,10 @@
"quicksight:PassDataSet",
"quicksight:TagResource",
"quicksight:UntagResource",
- "quicksight:ListTagsForResource"
+ "quicksight:ListTagsForResource",
+ "quicksight:CreateFolderMembership",
+ "quicksight:DeleteFolderMembership",
+ "quicksight:ListFoldersForResource"
]
},
"delete": {
@@ -11458,6 +13006,9 @@
"quicksight:DescribeTemplate",
"quicksight:DescribeTheme",
"quicksight:PassDataSet",
+ "quicksight:CreateFolderMembership",
+ "quicksight:DeleteFolderMembership",
+ "quicksight:ListFoldersForResource",
"quicksight:TagResource",
"quicksight:UntagResource",
"quicksight:ListTagsForResource"
@@ -11496,6 +13047,14 @@
"Definition": {
"$ref": "#/definitions/DashboardVersionDefinition"
},
+ "FolderArns": {
+ "items": {
+ "type": "string"
+ },
+ "maxItems": 10,
+ "minItems": 0,
+ "type": "array"
+ },
"LastPublishedTime": {
"description": "The last time that this dashboard was published.
",
"format": "date-time",
@@ -11575,6 +13134,18 @@
"Name"
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-quicksight",
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "quicksight:TagResource",
+ "quicksight:UntagResource",
+ "quicksight:ListTagsForResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
"typeName": "AWS::QuickSight::Dashboard",
"writeOnlyProperties": [
"/properties/DashboardPublishOptions",
@@ -11584,6 +13155,7 @@
"/properties/SourceEntity",
"/properties/ThemeArn",
"/properties/VersionDescription",
- "/properties/ValidationStrategy"
+ "/properties/ValidationStrategy",
+ "/properties/FolderArns"
]
}
diff --git a/schema/aws-quicksight-dataset.json b/schema/aws-quicksight-dataset.json
index 18b70a9..705c942 100644
--- a/schema/aws-quicksight-dataset.json
+++ b/schema/aws-quicksight-dataset.json
@@ -23,7 +23,7 @@
},
"Expression": {
"description": "An expression that defines the calculated column.
",
- "maxLength": 4096,
+ "maxLength": 250000,
"minLength": 1,
"type": "string"
}
@@ -157,13 +157,10 @@
"$ref": "#/definitions/CalculatedColumn"
},
"maxItems": 128,
- "minItems": 1,
+ "minItems": 0,
"type": "array"
}
},
- "required": [
- "Columns"
- ],
"type": "object"
},
"CustomSql": {
@@ -197,7 +194,6 @@
}
},
"required": [
- "Columns",
"DataSourceArn",
"Name",
"SqlQuery"
@@ -215,13 +211,13 @@
"additionalProperties": false,
"description": "The refresh properties of a dataset.
",
"properties": {
+ "FailureConfiguration": {
+ "$ref": "#/definitions/RefreshFailureConfiguration"
+ },
"RefreshConfiguration": {
"$ref": "#/definitions/RefreshConfiguration"
}
},
- "required": [
- "RefreshConfiguration"
- ],
"type": "object"
},
"DataSetUsageConfiguration": {
@@ -241,6 +237,12 @@
},
"type": "object"
},
+ "DataSetUseAs": {
+ "enum": [
+ "RLS_RULES"
+ ],
+ "type": "string"
+ },
"DatasetParameter": {
"additionalProperties": false,
"description": "A dataset parameter.
",
@@ -683,8 +685,7 @@
}
},
"required": [
- "Alias",
- "Source"
+ "Alias"
],
"type": "object"
},
@@ -856,6 +857,20 @@
],
"type": "object"
},
+ "PerformanceConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "UniqueKeys": {
+ "items": {
+ "$ref": "#/definitions/UniqueKey"
+ },
+ "maxItems": 1,
+ "minItems": 1,
+ "type": "array"
+ }
+ },
+ "type": "object"
+ },
"PhysicalTable": {
"additionalProperties": false,
"description": "A view of a data source that contains information about the shape of the data in the\n underlying source. This is a variant type structure. For this structure to be valid,\n only one of the attributes can be non-null.
",
@@ -893,7 +908,7 @@
"type": "string"
},
"maxItems": 2000,
- "minItems": 1,
+ "minItems": 0,
"type": "array"
}
},
@@ -915,6 +930,31 @@
],
"type": "object"
},
+ "RefreshFailureAlertStatus": {
+ "enum": [
+ "ENABLED",
+ "DISABLED"
+ ],
+ "type": "string"
+ },
+ "RefreshFailureConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "EmailAlert": {
+ "$ref": "#/definitions/RefreshFailureEmailAlert"
+ }
+ },
+ "type": "object"
+ },
+ "RefreshFailureEmailAlert": {
+ "additionalProperties": false,
+ "properties": {
+ "AlertStatus": {
+ "$ref": "#/definitions/RefreshFailureAlertStatus"
+ }
+ },
+ "type": "object"
+ },
"RelationalTable": {
"additionalProperties": false,
"description": "A physical table type for relational data sources.
",
@@ -953,7 +993,6 @@
},
"required": [
"DataSourceArn",
- "InputColumns",
"Name"
],
"type": "object"
@@ -976,8 +1015,7 @@
}
},
"required": [
- "ColumnName",
- "NewColumnName"
+ "ColumnName"
],
"type": "object"
},
@@ -1145,8 +1183,7 @@
}
},
"required": [
- "DataSourceArn",
- "InputColumns"
+ "DataSourceArn"
],
"type": "object"
},
@@ -1309,6 +1346,25 @@
},
"type": "object"
},
+ "UniqueKey": {
+ "additionalProperties": false,
+ "properties": {
+ "ColumnNames": {
+ "items": {
+ "maxLength": 127,
+ "minLength": 1,
+ "type": "string"
+ },
+ "maxItems": 1,
+ "minItems": 1,
+ "type": "array"
+ }
+ },
+ "required": [
+ "ColumnNames"
+ ],
+ "type": "object"
+ },
"UntagColumnOperation": {
"additionalProperties": false,
"description": "A transform operation that removes tags associated with a column.
",
@@ -1376,7 +1432,10 @@
"quicksight:TagResource",
"quicksight:ListTagsForResource",
"quicksight:DescribeDataSetRefreshProperties",
- "quicksight:PutDataSetRefreshProperties"
+ "quicksight:PutDataSetRefreshProperties",
+ "quicksight:CreateFolderMembership",
+ "quicksight:DeleteFolderMembership",
+ "quicksight:ListFoldersForResource"
]
},
"delete": {
@@ -1414,6 +1473,9 @@
"quicksight:DescribeIngestion",
"quicksight:ListIngestions",
"quicksight:CancelIngestion",
+ "quicksight:CreateFolderMembership",
+ "quicksight:DeleteFolderMembership",
+ "quicksight:ListFoldersForResource",
"quicksight:TagResource",
"quicksight:UntagResource",
"quicksight:ListTagsForResource",
@@ -1486,6 +1548,15 @@
"FieldFolders": {
"$ref": "#/definitions/FieldFolderMap"
},
+ "FolderArns": {
+ "description": "When you create the dataset, Amazon QuickSight adds the dataset to these folders.
",
+ "items": {
+ "type": "string"
+ },
+ "maxItems": 10,
+ "minItems": 0,
+ "type": "array"
+ },
"ImportMode": {
"$ref": "#/definitions/DataSetImportMode"
},
@@ -1513,6 +1584,9 @@
},
"type": "array"
},
+ "PerformanceConfiguration": {
+ "$ref": "#/definitions/PerformanceConfiguration"
+ },
"Permissions": {
"description": "A list of resource permissions on the dataset.
",
"items": {
@@ -1539,6 +1613,9 @@
"maxItems": 200,
"minItems": 1,
"type": "array"
+ },
+ "UseAs": {
+ "$ref": "#/definitions/DataSetUseAs"
}
},
"readOnlyProperties": [
@@ -1550,6 +1627,11 @@
],
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "quicksight:TagResource",
+ "quicksight:UntagResource",
+ "quicksight:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
@@ -1558,6 +1640,7 @@
"typeName": "AWS::QuickSight::DataSet",
"writeOnlyProperties": [
"/properties/FieldFolders",
- "/properties/IngestionWaitPolicy"
+ "/properties/IngestionWaitPolicy",
+ "/properties/FolderArns"
]
}
diff --git a/schema/aws-quicksight-datasource.json b/schema/aws-quicksight-datasource.json
index 360950e..e3e43d5 100644
--- a/schema/aws-quicksight-datasource.json
+++ b/schema/aws-quicksight-datasource.json
@@ -119,6 +119,14 @@
],
"type": "object"
},
+ "AuthenticationType": {
+ "enum": [
+ "PASSWORD",
+ "TOKEN",
+ "X509"
+ ],
+ "type": "string"
+ },
"AwsIotAnalyticsParameters": {
"additionalProperties": false,
"description": "The parameters for IoT Analytics.
",
@@ -309,6 +317,7 @@
"PRESTO",
"REDSHIFT",
"S3",
+ "S3_TABLES",
"SALESFORCE",
"SERVICENOW",
"SNOWFLAKE",
@@ -324,7 +333,9 @@
"MONGO",
"MONGO_ATLAS",
"DOCUMENTDB",
- "APPFLOW"
+ "APPFLOW",
+ "IMPALA",
+ "GLUE"
],
"type": "string"
},
@@ -456,6 +467,33 @@
],
"type": "object"
},
+ "OAuthParameters": {
+ "additionalProperties": false,
+ "properties": {
+ "IdentityProviderResourceUri": {
+ "maxLength": 2048,
+ "minLength": 1,
+ "type": "string"
+ },
+ "IdentityProviderVpcConnectionProperties": {
+ "$ref": "#/definitions/VpcConnectionProperties"
+ },
+ "OAuthScope": {
+ "maxLength": 128,
+ "minLength": 1,
+ "type": "string"
+ },
+ "TokenProviderUrl": {
+ "maxLength": 2048,
+ "minLength": 1,
+ "type": "string"
+ }
+ },
+ "required": [
+ "TokenProviderUrl"
+ ],
+ "type": "object"
+ },
"OracleParameters": {
"additionalProperties": false,
"description": "The parameters for Oracle.
",
@@ -715,18 +753,29 @@
"additionalProperties": false,
"description": "The parameters for Snowflake.
",
"properties": {
+ "AuthenticationType": {
+ "$ref": "#/definitions/AuthenticationType"
+ },
"Database": {
"description": "Database.
",
"maxLength": 128,
"minLength": 1,
"type": "string"
},
+ "DatabaseAccessControlRole": {
+ "maxLength": 128,
+ "minLength": 0,
+ "type": "string"
+ },
"Host": {
"description": "Host.
",
"maxLength": 256,
"minLength": 1,
"type": "string"
},
+ "OAuthParameters": {
+ "$ref": "#/definitions/OAuthParameters"
+ },
"Warehouse": {
"description": "Warehouse.
",
"maxLength": 128,
@@ -812,18 +861,29 @@
"additionalProperties": false,
"description": "The parameters that are required to connect to a Starburst data source.
",
"properties": {
+ "AuthenticationType": {
+ "$ref": "#/definitions/AuthenticationType"
+ },
"Catalog": {
"description": "The catalog name for the Starburst data source.
",
"maxLength": 128,
"minLength": 0,
"type": "string"
},
+ "DatabaseAccessControlRole": {
+ "maxLength": 128,
+ "minLength": 0,
+ "type": "string"
+ },
"Host": {
"description": "The host name of the Starburst data source.
",
"maxLength": 256,
"minLength": 1,
"type": "string"
},
+ "OAuthParameters": {
+ "$ref": "#/definitions/OAuthParameters"
+ },
"Port": {
"default": 0,
"description": "The port for the Starburst data source.
",
@@ -957,7 +1017,10 @@
"quicksight:DescribeDataSource",
"quicksight:DescribeDataSourcePermissions",
"quicksight:TagResource",
- "quicksight:ListTagsForResource"
+ "quicksight:ListTagsForResource",
+ "quicksight:CreateFolderMembership",
+ "quicksight:DeleteFolderMembership",
+ "quicksight:ListFoldersForResource"
]
},
"delete": {
@@ -987,6 +1050,9 @@
"quicksight:DescribeDataSourcePermissions",
"quicksight:UpdateDataSource",
"quicksight:UpdateDataSourcePermissions",
+ "quicksight:CreateFolderMembership",
+ "quicksight:DeleteFolderMembership",
+ "quicksight:ListFoldersForResource",
"quicksight:TagResource",
"quicksight:UntagResource",
"quicksight:ListTagsForResource"
@@ -1034,6 +1100,14 @@
"ErrorInfo": {
"$ref": "#/definitions/DataSourceErrorInfo"
},
+ "FolderArns": {
+ "items": {
+ "type": "string"
+ },
+ "maxItems": 10,
+ "minItems": 0,
+ "type": "array"
+ },
"LastUpdatedTime": {
"description": "The last time that this data source was updated.
",
"format": "date-time",
@@ -1084,8 +1158,21 @@
"Type"
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-quicksight",
+ "tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "quicksight:TagResource",
+ "quicksight:UntagResource",
+ "quicksight:ListTagsForResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
"typeName": "AWS::QuickSight::DataSource",
"writeOnlyProperties": [
- "/properties/Credentials"
+ "/properties/Credentials",
+ "/properties/FolderArns"
]
}
diff --git a/schema/aws-quicksight-folder.json b/schema/aws-quicksight-folder.json
new file mode 100644
index 0000000..315ffdb
--- /dev/null
+++ b/schema/aws-quicksight-folder.json
@@ -0,0 +1,204 @@
+{
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/ParentFolderArn",
+ "/properties/SharingModel",
+ "/properties/FolderType",
+ "/properties/FolderId",
+ "/properties/AwsAccountId"
+ ],
+ "definitions": {
+ "FolderType": {
+ "enum": [
+ "SHARED",
+ "RESTRICTED"
+ ],
+ "type": "string"
+ },
+ "ResourcePermission": {
+ "additionalProperties": false,
+ "description": "Permission for the resource.
",
+ "properties": {
+ "Actions": {
+ "description": "The IAM action to grant or revoke permissions on.
",
+ "insertionOrder": false,
+ "items": {
+ "type": "string"
+ },
+ "maxItems": 20,
+ "minItems": 1,
+ "type": "array"
+ },
+ "Principal": {
+ "description": "The Amazon Resource Name (ARN) of the principal. This can be one of the\n following:
\n \n - \n
The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)
\n \n - \n
The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)
\n \n - \n
The ARN of an Amazon Web Services account root: This is an IAM ARN rather than a QuickSight\n ARN. Use this option only to share resources (templates) across Amazon Web Services accounts.\n (This is less common.)
\n \n
",
+ "maxLength": 256,
+ "minLength": 1,
+ "pattern": "^arn:.*",
+ "type": "string"
+ }
+ },
+ "required": [
+ "Actions",
+ "Principal"
+ ],
+ "type": "object"
+ },
+ "SharingModel": {
+ "enum": [
+ "ACCOUNT",
+ "NAMESPACE"
+ ],
+ "type": "string"
+ },
+ "Tag": {
+ "additionalProperties": false,
+ "description": "The key or keys of the key-value pairs for the resource tag or tags assigned to the\n resource.
",
+ "properties": {
+ "Key": {
+ "description": "Tag key.
",
+ "maxLength": 128,
+ "minLength": 1,
+ "type": "string"
+ },
+ "Value": {
+ "description": "Tag value.
",
+ "maxLength": 256,
+ "minLength": 1,
+ "type": "string"
+ }
+ },
+ "required": [
+ "Key",
+ "Value"
+ ],
+ "type": "object"
+ }
+ },
+ "description": "Definition of the AWS::QuickSight::Folder Resource Type.",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "quicksight:CreateFolder",
+ "quicksight:DescribeFolder",
+ "quicksight:UpdateFolderPermissions",
+ "quicksight:DescribeFolderPermissions",
+ "quicksight:TagResource",
+ "quicksight:ListTagsForResource"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "quicksight:DeleteFolder"
+ ]
+ },
+ "list": {
+ "permissions": [
+ "quicksight:ListFolders"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "quicksight:DescribeFolder",
+ "quicksight:DescribeFolderPermissions",
+ "quicksight:ListTagsForResource"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "quicksight:DescribeFolder",
+ "quicksight:UpdateFolder",
+ "quicksight:DescribeFolderPermissions",
+ "quicksight:UpdateFolderPermissions",
+ "quicksight:ListTagsForResource",
+ "quicksight:TagResource",
+ "quicksight:UntagResource"
+ ]
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/AwsAccountId",
+ "/properties/FolderId"
+ ],
+ "properties": {
+ "Arn": {
+ "description": "The Amazon Resource Name (ARN) for the folder.
",
+ "pattern": "^arn:.*",
+ "type": "string"
+ },
+ "AwsAccountId": {
+ "maxLength": 12,
+ "minLength": 12,
+ "pattern": "^[0-9]{12}$",
+ "type": "string"
+ },
+ "CreatedTime": {
+ "description": "The time that the folder was created.
",
+ "format": "date-time",
+ "type": "string"
+ },
+ "FolderId": {
+ "maxLength": 2048,
+ "minLength": 1,
+ "pattern": "^[\\w\\-]+$",
+ "type": "string"
+ },
+ "FolderType": {
+ "$ref": "#/definitions/FolderType"
+ },
+ "LastUpdatedTime": {
+ "description": "The time that the folder was last updated.
",
+ "format": "date-time",
+ "type": "string"
+ },
+ "Name": {
+ "maxLength": 200,
+ "minLength": 1,
+ "type": "string"
+ },
+ "ParentFolderArn": {
+ "type": "string"
+ },
+ "Permissions": {
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/ResourcePermission"
+ },
+ "maxItems": 64,
+ "minItems": 1,
+ "type": "array"
+ },
+ "SharingModel": {
+ "$ref": "#/definitions/SharingModel"
+ },
+ "Tags": {
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/Tag"
+ },
+ "maxItems": 200,
+ "minItems": 1,
+ "type": "array"
+ }
+ },
+ "readOnlyProperties": [
+ "/properties/Arn",
+ "/properties/CreatedTime",
+ "/properties/LastUpdatedTime"
+ ],
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "quicksight:TagResource",
+ "quicksight:UntagResource",
+ "quicksight:ListTagsForResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
+ "typeName": "AWS::QuickSight::Folder",
+ "writeOnlyProperties": [
+ "/properties/ParentFolderArn"
+ ]
+}
diff --git a/schema/aws-quicksight-template.json b/schema/aws-quicksight-template.json
index 3e21f0f..5104466 100644
--- a/schema/aws-quicksight-template.json
+++ b/schema/aws-quicksight-template.json
@@ -209,9 +209,7 @@
"AxisDisplayOptions": {
"additionalProperties": false,
"properties": {
- "AxisLineVisibility": {
- "$ref": "#/definitions/Visibility"
- },
+ "AxisLineVisibility": {},
"AxisOffset": {
"description": "String based length that is composed of value and unit in px",
"type": "string"
@@ -219,9 +217,7 @@
"DataOptions": {
"$ref": "#/definitions/AxisDataOptions"
},
- "GridLineVisibility": {
- "$ref": "#/definitions/Visibility"
- },
+ "GridLineVisibility": {},
"ScrollbarOptions": {
"$ref": "#/definitions/ScrollBarOptions"
},
@@ -392,6 +388,9 @@
"FieldWells": {
"$ref": "#/definitions/BarChartFieldWells"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"Legend": {
"$ref": "#/definitions/LegendOptions"
},
@@ -510,6 +509,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -573,6 +577,9 @@
"PageBreakConfiguration": {
"$ref": "#/definitions/SectionPageBreakConfiguration"
},
+ "RepeatConfiguration": {
+ "$ref": "#/definitions/BodySectionRepeatConfiguration"
+ },
"SectionId": {
"maxLength": 512,
"minLength": 1,
@@ -598,6 +605,105 @@
},
"type": "object"
},
+ "BodySectionDynamicCategoryDimensionConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "Column": {
+ "$ref": "#/definitions/ColumnIdentifier"
+ },
+ "Limit": {
+ "maximum": 1000,
+ "minimum": 1,
+ "type": "number"
+ },
+ "SortByMetrics": {
+ "items": {
+ "$ref": "#/definitions/ColumnSort"
+ },
+ "maxItems": 100,
+ "minItems": 0,
+ "type": "array"
+ }
+ },
+ "required": [
+ "Column"
+ ],
+ "type": "object"
+ },
+ "BodySectionDynamicNumericDimensionConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "Column": {
+ "$ref": "#/definitions/ColumnIdentifier"
+ },
+ "Limit": {
+ "maximum": 1000,
+ "minimum": 1,
+ "type": "number"
+ },
+ "SortByMetrics": {
+ "items": {
+ "$ref": "#/definitions/ColumnSort"
+ },
+ "maxItems": 100,
+ "minItems": 0,
+ "type": "array"
+ }
+ },
+ "required": [
+ "Column"
+ ],
+ "type": "object"
+ },
+ "BodySectionRepeatConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "DimensionConfigurations": {
+ "items": {
+ "$ref": "#/definitions/BodySectionRepeatDimensionConfiguration"
+ },
+ "maxItems": 3,
+ "minItems": 0,
+ "type": "array"
+ },
+ "NonRepeatingVisuals": {
+ "items": {
+ "maxLength": 512,
+ "minLength": 1,
+ "pattern": "^[\\w\\-]+$",
+ "type": "string"
+ },
+ "maxItems": 20,
+ "minItems": 0,
+ "type": "array"
+ },
+ "PageBreakConfiguration": {
+ "$ref": "#/definitions/BodySectionRepeatPageBreakConfiguration"
+ }
+ },
+ "type": "object"
+ },
+ "BodySectionRepeatDimensionConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "DynamicCategoryDimensionConfiguration": {
+ "$ref": "#/definitions/BodySectionDynamicCategoryDimensionConfiguration"
+ },
+ "DynamicNumericDimensionConfiguration": {
+ "$ref": "#/definitions/BodySectionDynamicNumericDimensionConfiguration"
+ }
+ },
+ "type": "object"
+ },
+ "BodySectionRepeatPageBreakConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "After": {
+ "$ref": "#/definitions/SectionAfterPageBreak"
+ }
+ },
+ "type": "object"
+ },
"BoxPlotAggregatedFieldWells": {
"additionalProperties": false,
"properties": {
@@ -635,6 +741,9 @@
"FieldWells": {
"$ref": "#/definitions/BoxPlotFieldWells"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"Legend": {
"$ref": "#/definitions/LegendOptions"
},
@@ -683,12 +792,8 @@
"BoxPlotOptions": {
"additionalProperties": false,
"properties": {
- "AllDataPointsVisibility": {
- "$ref": "#/definitions/Visibility"
- },
- "OutlierVisibility": {
- "$ref": "#/definitions/Visibility"
- },
+ "AllDataPointsVisibility": {},
+ "OutlierVisibility": {},
"StyleOptions": {
"$ref": "#/definitions/BoxPlotStyleOptions"
}
@@ -749,6 +854,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -971,6 +1081,25 @@
],
"type": "string"
},
+ "CategoryInnerFilter": {
+ "additionalProperties": false,
+ "properties": {
+ "Column": {
+ "$ref": "#/definitions/ColumnIdentifier"
+ },
+ "Configuration": {
+ "$ref": "#/definitions/CategoryFilterConfiguration"
+ },
+ "DefaultFilterControlConfiguration": {
+ "$ref": "#/definitions/DefaultFilterControlConfiguration"
+ }
+ },
+ "required": [
+ "Column",
+ "Configuration"
+ ],
+ "type": "object"
+ },
"ChartAxisLabelOptions": {
"additionalProperties": false,
"properties": {
@@ -982,12 +1111,8 @@
"minItems": 0,
"type": "array"
},
- "SortIconVisibility": {
- "$ref": "#/definitions/Visibility"
- },
- "Visibility": {
- "$ref": "#/definitions/Visibility"
- }
+ "SortIconVisibility": {},
+ "Visibility": {}
},
"type": "object"
},
@@ -1198,9 +1323,10 @@
"Label": {
"type": "string"
},
- "Visibility": {
- "$ref": "#/definitions/Visibility"
- }
+ "TooltipTarget": {
+ "$ref": "#/definitions/TooltipTarget"
+ },
+ "Visibility": {}
},
"required": [
"Column"
@@ -1266,6 +1392,9 @@
"FieldWells": {
"$ref": "#/definitions/ComboChartFieldWells"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"Legend": {
"$ref": "#/definitions/LegendOptions"
},
@@ -1292,6 +1421,9 @@
"SecondaryYAxisLabelOptions": {
"$ref": "#/definitions/ChartAxisLabelOptions"
},
+ "SingleAxisOptions": {
+ "$ref": "#/definitions/SingleAxisOptions"
+ },
"SortConfiguration": {
"$ref": "#/definitions/ComboChartSortConfiguration"
},
@@ -1369,6 +1501,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -1381,6 +1518,13 @@
],
"type": "object"
},
+ "CommitMode": {
+ "enum": [
+ "AUTO",
+ "MANUAL"
+ ],
+ "type": "string"
+ },
"ComparisonConfiguration": {
"additionalProperties": false,
"properties": {
@@ -1595,6 +1739,15 @@
],
"type": "object"
},
+ "ContextMenuOption": {
+ "additionalProperties": false,
+ "properties": {
+ "AvailabilityStatus": {
+ "$ref": "#/definitions/DashboardBehavior"
+ }
+ },
+ "type": "object"
+ },
"ContributionAnalysisDefault": {
"additionalProperties": false,
"properties": {
@@ -1754,6 +1907,9 @@
},
"ImageScaling": {
"$ref": "#/definitions/CustomContentImageScalingConfiguration"
+ },
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
}
},
"type": "object"
@@ -1799,6 +1955,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -1939,6 +2100,13 @@
],
"type": "object"
},
+ "DashboardBehavior": {
+ "enum": [
+ "ENABLED",
+ "DISABLED"
+ ],
+ "type": "string"
+ },
"DataBarsOptions": {
"additionalProperties": false,
"properties": {
@@ -2010,9 +2178,7 @@
"DataLabelOptions": {
"additionalProperties": false,
"properties": {
- "CategoryLabelVisibility": {
- "$ref": "#/definitions/Visibility"
- },
+ "CategoryLabelVisibility": {},
"DataLabelTypes": {
"items": {
"$ref": "#/definitions/DataLabelType"
@@ -2031,21 +2197,15 @@
"LabelFontConfiguration": {
"$ref": "#/definitions/FontConfiguration"
},
- "MeasureLabelVisibility": {
- "$ref": "#/definitions/Visibility"
- },
+ "MeasureLabelVisibility": {},
"Overlap": {
"$ref": "#/definitions/DataLabelOverlap"
},
"Position": {
"$ref": "#/definitions/DataLabelPosition"
},
- "TotalsVisibility": {
- "$ref": "#/definitions/Visibility"
- },
- "Visibility": {
- "$ref": "#/definitions/Visibility"
- }
+ "TotalsVisibility": {},
+ "Visibility": {}
},
"type": "object"
},
@@ -2121,9 +2281,7 @@
"minLength": 0,
"type": "string"
},
- "Visibility": {
- "$ref": "#/definitions/Visibility"
- }
+ "Visibility": {}
},
"type": "object"
},
@@ -2247,9 +2405,7 @@
"DateAxisOptions": {
"additionalProperties": false,
"properties": {
- "MissingDateVisibility": {
- "$ref": "#/definitions/Visibility"
- }
+ "MissingDateVisibility": {}
},
"type": "object"
},
@@ -2401,11 +2557,13 @@
"DateTimePickerControlDisplayOptions": {
"additionalProperties": false,
"properties": {
+ "DateIconVisibility": {},
"DateTimeFormat": {
"maxLength": 128,
"minLength": 1,
"type": "string"
},
+ "HelperTextVisibility": {},
"InfoIconLabelOptions": {
"$ref": "#/definitions/SheetControlInfoIconLabelOptions"
},
@@ -2520,6 +2678,9 @@
"DefaultDateTimePickerControlOptions": {
"additionalProperties": false,
"properties": {
+ "CommitMode": {
+ "$ref": "#/definitions/CommitMode"
+ },
"DisplayOptions": {
"$ref": "#/definitions/DateTimePickerControlDisplayOptions"
},
@@ -2577,6 +2738,9 @@
"DefaultFilterDropDownControlOptions": {
"additionalProperties": false,
"properties": {
+ "CommitMode": {
+ "$ref": "#/definitions/CommitMode"
+ },
"DisplayOptions": {
"$ref": "#/definitions/DropDownControlDisplayOptions"
},
@@ -2667,6 +2831,9 @@
"DefaultRelativeDateTimeControlOptions": {
"additionalProperties": false,
"properties": {
+ "CommitMode": {
+ "$ref": "#/definitions/CommitMode"
+ },
"DisplayOptions": {
"$ref": "#/definitions/RelativeDateTimeControlDisplayOptions"
}
@@ -2760,6 +2927,13 @@
},
"type": "object"
},
+ "DigitGroupingStyle": {
+ "enum": [
+ "DEFAULT",
+ "LAKHS"
+ ],
+ "type": "string"
+ },
"DimensionField": {
"additionalProperties": false,
"properties": {
@@ -2778,9 +2952,7 @@
"DonutCenterOptions": {
"additionalProperties": false,
"properties": {
- "LabelVisibility": {
- "$ref": "#/definitions/Visibility"
- }
+ "LabelVisibility": {}
},
"type": "object"
},
@@ -2937,9 +3109,7 @@
"FieldBasedTooltip": {
"additionalProperties": false,
"properties": {
- "AggregationVisibility": {
- "$ref": "#/definitions/Visibility"
- },
+ "AggregationVisibility": {},
"TooltipFields": {
"items": {
"$ref": "#/definitions/TooltipItem"
@@ -2962,9 +3132,7 @@
"minLength": 1,
"type": "string"
},
- "Visibility": {
- "$ref": "#/definitions/Visibility"
- }
+ "Visibility": {}
},
"type": "object"
},
@@ -3030,9 +3198,10 @@
"Label": {
"type": "string"
},
- "Visibility": {
- "$ref": "#/definitions/Visibility"
- }
+ "TooltipTarget": {
+ "$ref": "#/definitions/TooltipTarget"
+ },
+ "Visibility": {}
},
"required": [
"FieldId"
@@ -3096,6 +3265,9 @@
"FieldWells": {
"$ref": "#/definitions/FilledMapFieldWells"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"Legend": {
"$ref": "#/definitions/LegendOptions"
},
@@ -3185,6 +3357,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -3203,6 +3380,9 @@
"CategoryFilter": {
"$ref": "#/definitions/CategoryFilter"
},
+ "NestedFilter": {
+ "$ref": "#/definitions/NestedFilter"
+ },
"NumericEqualityFilter": {
"$ref": "#/definitions/NumericEqualityFilter"
},
@@ -3282,6 +3462,9 @@
"FilterDateTimePickerControl": {
"additionalProperties": false,
"properties": {
+ "CommitMode": {
+ "$ref": "#/definitions/CommitMode"
+ },
"DisplayOptions": {
"$ref": "#/definitions/DateTimePickerControlDisplayOptions"
},
@@ -3319,6 +3502,9 @@
"CascadingControlConfiguration": {
"$ref": "#/definitions/CascadingControlConfiguration"
},
+ "CommitMode": {
+ "$ref": "#/definitions/CommitMode"
+ },
"DisplayOptions": {
"$ref": "#/definitions/DropDownControlDisplayOptions"
},
@@ -3504,6 +3690,9 @@
"FilterRelativeDateTimeControl": {
"additionalProperties": false,
"properties": {
+ "CommitMode": {
+ "$ref": "#/definitions/CommitMode"
+ },
"DisplayOptions": {
"$ref": "#/definitions/RelativeDateTimeControlDisplayOptions"
},
@@ -3691,6 +3880,9 @@
"FontDecoration": {
"$ref": "#/definitions/FontDecoration"
},
+ "FontFamily": {
+ "type": "string"
+ },
"FontSize": {
"$ref": "#/definitions/FontSize"
},
@@ -3713,6 +3905,10 @@
"FontSize": {
"additionalProperties": false,
"properties": {
+ "Absolute": {
+ "description": "String based length that is composed of value and unit in px",
+ "type": "string"
+ },
"Relative": {
"$ref": "#/definitions/RelativeFontSize"
}
@@ -3909,9 +4105,7 @@
"SelectedBorderStyle": {
"$ref": "#/definitions/FreeFormLayoutElementBorderStyle"
},
- "Visibility": {
- "$ref": "#/definitions/Visibility"
- },
+ "Visibility": {},
"Width": {
"description": "String based length that is composed of value and unit in px",
"type": "string"
@@ -3942,9 +4136,7 @@
"pattern": "^#[A-F0-9]{6}(?:[A-F0-9]{2})?$",
"type": "string"
},
- "Visibility": {
- "$ref": "#/definitions/Visibility"
- }
+ "Visibility": {}
},
"type": "object"
},
@@ -3955,9 +4147,7 @@
"pattern": "^#[A-F0-9]{6}(?:[A-F0-9]{2})?$",
"type": "string"
},
- "Visibility": {
- "$ref": "#/definitions/Visibility"
- }
+ "Visibility": {}
},
"type": "object"
},
@@ -4025,6 +4215,9 @@
"FieldWells": {
"$ref": "#/definitions/FunnelChartFieldWells"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"SortConfiguration": {
"$ref": "#/definitions/FunnelChartSortConfiguration"
},
@@ -4043,9 +4236,7 @@
"FunnelChartDataLabelOptions": {
"additionalProperties": false,
"properties": {
- "CategoryLabelVisibility": {
- "$ref": "#/definitions/Visibility"
- },
+ "CategoryLabelVisibility": {},
"LabelColor": {
"pattern": "^#[A-F0-9]{6}$",
"type": "string"
@@ -4056,15 +4247,11 @@
"MeasureDataLabelStyle": {
"$ref": "#/definitions/FunnelChartMeasureDataLabelStyle"
},
- "MeasureLabelVisibility": {
- "$ref": "#/definitions/Visibility"
- },
+ "MeasureLabelVisibility": {},
"Position": {
"$ref": "#/definitions/DataLabelPosition"
},
- "Visibility": {
- "$ref": "#/definitions/Visibility"
- }
+ "Visibility": {}
},
"type": "object"
},
@@ -4132,6 +4319,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -4153,6 +4345,20 @@
},
"type": "object"
},
+ "GaugeChartColorConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "BackgroundColor": {
+ "pattern": "^#[A-F0-9]{6}$",
+ "type": "string"
+ },
+ "ForegroundColor": {
+ "pattern": "^#[A-F0-9]{6}$",
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
"GaugeChartConditionalFormatting": {
"additionalProperties": false,
"properties": {
@@ -4182,6 +4388,9 @@
"GaugeChartConfiguration": {
"additionalProperties": false,
"properties": {
+ "ColorConfiguration": {
+ "$ref": "#/definitions/GaugeChartColorConfiguration"
+ },
"DataLabels": {
"$ref": "#/definitions/DataLabelOptions"
},
@@ -4191,6 +4400,9 @@
"GaugeChartOptions": {
"$ref": "#/definitions/GaugeChartOptions"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"TooltipOptions": {
"$ref": "#/definitions/TooltipOptions"
},
@@ -4278,6 +4490,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -4461,6 +4678,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -4473,49 +4695,158 @@
],
"type": "object"
},
- "GeospatialPointStyleOptions": {
+ "GeospatialNullDataSettings": {
"additionalProperties": false,
"properties": {
- "ClusterMarkerConfiguration": {
- "$ref": "#/definitions/ClusterMarkerConfiguration"
- },
- "HeatmapConfiguration": {
- "$ref": "#/definitions/GeospatialHeatmapConfiguration"
- },
- "SelectedPointStyle": {
- "$ref": "#/definitions/GeospatialSelectedPointStyle"
+ "SymbolStyle": {
+ "$ref": "#/definitions/GeospatialNullSymbolStyle"
}
},
- "type": "object"
- },
- "GeospatialSelectedPointStyle": {
- "enum": [
- "POINT",
- "CLUSTER",
- "HEATMAP"
+ "required": [
+ "SymbolStyle"
],
- "type": "string"
+ "type": "object"
},
- "GeospatialWindowOptions": {
+ "GeospatialNullSymbolStyle": {
"additionalProperties": false,
"properties": {
- "Bounds": {
- "$ref": "#/definitions/GeospatialCoordinateBounds"
+ "FillColor": {
+ "pattern": "^#[A-F0-9]{6}(?:[A-F0-9]{2})?$",
+ "type": "string"
},
- "MapZoomMode": {
- "$ref": "#/definitions/MapZoomMode"
+ "StrokeColor": {
+ "pattern": "^#[A-F0-9]{6}(?:[A-F0-9]{2})?$",
+ "type": "string"
+ },
+ "StrokeWidth": {
+ "minimum": 0,
+ "type": "number"
}
},
"type": "object"
},
- "GlobalTableBorderOptions": {
+ "GeospatialPointLayer": {
"additionalProperties": false,
"properties": {
- "SideSpecificBorder": {
- "$ref": "#/definitions/TableSideBorderOptions"
- },
- "UniformBorder": {
- "$ref": "#/definitions/TableBorderOptions"
+ "Style": {
+ "$ref": "#/definitions/GeospatialPointStyle"
+ }
+ },
+ "required": [
+ "Style"
+ ],
+ "type": "object"
+ },
+ "GeospatialPointStyle": {
+ "additionalProperties": false,
+ "properties": {
+ "CircleSymbolStyle": {}
+ },
+ "type": "object"
+ },
+ "GeospatialPointStyleOptions": {
+ "additionalProperties": false,
+ "properties": {
+ "ClusterMarkerConfiguration": {
+ "$ref": "#/definitions/ClusterMarkerConfiguration"
+ },
+ "HeatmapConfiguration": {
+ "$ref": "#/definitions/GeospatialHeatmapConfiguration"
+ },
+ "SelectedPointStyle": {
+ "$ref": "#/definitions/GeospatialSelectedPointStyle"
+ }
+ },
+ "type": "object"
+ },
+ "GeospatialPolygonLayer": {
+ "additionalProperties": false,
+ "properties": {
+ "Style": {
+ "$ref": "#/definitions/GeospatialPolygonStyle"
+ }
+ },
+ "required": [
+ "Style"
+ ],
+ "type": "object"
+ },
+ "GeospatialPolygonStyle": {
+ "additionalProperties": false,
+ "properties": {
+ "PolygonSymbolStyle": {
+ "$ref": "#/definitions/GeospatialPolygonSymbolStyle"
+ }
+ },
+ "type": "object"
+ },
+ "GeospatialPolygonSymbolStyle": {
+ "additionalProperties": false,
+ "properties": {
+ "FillColor": {},
+ "StrokeColor": {},
+ "StrokeWidth": {}
+ },
+ "type": "object"
+ },
+ "GeospatialSelectedPointStyle": {
+ "enum": [
+ "POINT",
+ "CLUSTER",
+ "HEATMAP"
+ ],
+ "type": "string"
+ },
+ "GeospatialSolidColor": {
+ "additionalProperties": false,
+ "description": "Describes the properties for a solid color",
+ "properties": {
+ "Color": {
+ "pattern": "^#[A-F0-9]{6}(?:[A-F0-9]{2})?$",
+ "type": "string"
+ },
+ "State": {}
+ },
+ "required": [
+ "Color"
+ ],
+ "type": "object"
+ },
+ "GeospatialStaticFileSource": {
+ "additionalProperties": false,
+ "properties": {
+ "StaticFileId": {
+ "maxLength": 512,
+ "minLength": 1,
+ "pattern": "^[\\w\\-]+$",
+ "type": "string"
+ }
+ },
+ "required": [
+ "StaticFileId"
+ ],
+ "type": "object"
+ },
+ "GeospatialWindowOptions": {
+ "additionalProperties": false,
+ "properties": {
+ "Bounds": {
+ "$ref": "#/definitions/GeospatialCoordinateBounds"
+ },
+ "MapZoomMode": {
+ "$ref": "#/definitions/MapZoomMode"
+ }
+ },
+ "type": "object"
+ },
+ "GlobalTableBorderOptions": {
+ "additionalProperties": false,
+ "properties": {
+ "SideSpecificBorder": {
+ "$ref": "#/definitions/TableSideBorderOptions"
+ },
+ "UniformBorder": {
+ "$ref": "#/definitions/TableBorderOptions"
}
},
"type": "object"
@@ -4738,6 +5069,9 @@
"FieldWells": {
"$ref": "#/definitions/HeatMapFieldWells"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"Legend": {
"$ref": "#/definitions/LegendOptions"
},
@@ -4818,6 +5152,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -4882,6 +5221,9 @@
"FieldWells": {
"$ref": "#/definitions/HistogramFieldWells"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"Tooltip": {
"$ref": "#/definitions/TooltipOptions"
},
@@ -4929,6 +5271,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -4981,6 +5328,110 @@
],
"type": "string"
},
+ "ImageCustomAction": {
+ "additionalProperties": false,
+ "properties": {
+ "ActionOperations": {
+ "items": {
+ "$ref": "#/definitions/ImageCustomActionOperation"
+ },
+ "maxItems": 2,
+ "minItems": 1,
+ "type": "array"
+ },
+ "CustomActionId": {
+ "maxLength": 512,
+ "minLength": 1,
+ "pattern": "^[\\w\\-]+$",
+ "type": "string"
+ },
+ "Name": {
+ "maxLength": 256,
+ "minLength": 1,
+ "type": "string"
+ },
+ "Status": {
+ "$ref": "#/definitions/WidgetStatus"
+ },
+ "Trigger": {
+ "$ref": "#/definitions/ImageCustomActionTrigger"
+ }
+ },
+ "required": [
+ "ActionOperations",
+ "CustomActionId",
+ "Name",
+ "Trigger"
+ ],
+ "type": "object"
+ },
+ "ImageCustomActionOperation": {
+ "additionalProperties": false,
+ "properties": {
+ "NavigationOperation": {
+ "$ref": "#/definitions/CustomActionNavigationOperation"
+ },
+ "SetParametersOperation": {
+ "$ref": "#/definitions/CustomActionSetParametersOperation"
+ },
+ "URLOperation": {
+ "$ref": "#/definitions/CustomActionURLOperation"
+ }
+ },
+ "type": "object"
+ },
+ "ImageCustomActionTrigger": {
+ "enum": [
+ "CLICK",
+ "MENU"
+ ],
+ "type": "string"
+ },
+ "ImageInteractionOptions": {
+ "additionalProperties": false,
+ "properties": {
+ "ImageMenuOption": {
+ "$ref": "#/definitions/ImageMenuOption"
+ }
+ },
+ "type": "object"
+ },
+ "ImageMenuOption": {
+ "additionalProperties": false,
+ "properties": {
+ "AvailabilityStatus": {
+ "$ref": "#/definitions/DashboardBehavior"
+ }
+ },
+ "type": "object"
+ },
+ "ImageStaticFile": {
+ "additionalProperties": false,
+ "properties": {
+ "Source": {
+ "$ref": "#/definitions/StaticFileSource"
+ },
+ "StaticFileId": {
+ "maxLength": 512,
+ "minLength": 1,
+ "pattern": "^[\\w\\-]+$",
+ "type": "string"
+ }
+ },
+ "required": [
+ "StaticFileId"
+ ],
+ "type": "object"
+ },
+ "InnerFilter": {
+ "additionalProperties": false,
+ "properties": {
+ "CategoryInnerFilter": {
+ "$ref": "#/definitions/CategoryInnerFilter"
+ }
+ },
+ "type": "object"
+ },
"InsightConfiguration": {
"additionalProperties": false,
"properties": {
@@ -4994,6 +5445,9 @@
},
"CustomNarrative": {
"$ref": "#/definitions/CustomNarrativeOptions"
+ },
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
}
},
"type": "object"
@@ -5023,6 +5477,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -5174,6 +5633,9 @@
"FieldWells": {
"$ref": "#/definitions/KPIFieldWells"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"KPIOptions": {
"$ref": "#/definitions/KPIOptions"
},
@@ -5288,15 +5750,11 @@
"pattern": "^#[A-F0-9]{6}$",
"type": "string"
},
- "TooltipVisibility": {
- "$ref": "#/definitions/Visibility"
- },
+ "TooltipVisibility": {},
"Type": {
"$ref": "#/definitions/KPISparklineType"
},
- "Visibility": {
- "$ref": "#/definitions/Visibility"
- }
+ "Visibility": {}
},
"required": [
"Type"
@@ -5341,6 +5799,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -5390,12 +5853,105 @@
"FontConfiguration": {
"$ref": "#/definitions/FontConfiguration"
},
- "Visibility": {
- "$ref": "#/definitions/Visibility"
+ "Visibility": {}
+ },
+ "type": "object"
+ },
+ "LayerCustomAction": {
+ "additionalProperties": false,
+ "properties": {
+ "ActionOperations": {
+ "items": {
+ "$ref": "#/definitions/LayerCustomActionOperation"
+ },
+ "maxItems": 2,
+ "minItems": 1,
+ "type": "array"
+ },
+ "CustomActionId": {
+ "maxLength": 512,
+ "minLength": 1,
+ "pattern": "^[\\w\\-]+$",
+ "type": "string"
+ },
+ "Name": {
+ "maxLength": 256,
+ "minLength": 1,
+ "type": "string"
+ },
+ "Status": {
+ "$ref": "#/definitions/WidgetStatus"
+ },
+ "Trigger": {
+ "$ref": "#/definitions/LayerCustomActionTrigger"
+ }
+ },
+ "required": [
+ "ActionOperations",
+ "CustomActionId",
+ "Name",
+ "Trigger"
+ ],
+ "type": "object"
+ },
+ "LayerCustomActionOperation": {
+ "additionalProperties": false,
+ "properties": {
+ "FilterOperation": {
+ "$ref": "#/definitions/CustomActionFilterOperation"
+ },
+ "NavigationOperation": {
+ "$ref": "#/definitions/CustomActionNavigationOperation"
+ },
+ "SetParametersOperation": {
+ "$ref": "#/definitions/CustomActionSetParametersOperation"
+ },
+ "URLOperation": {
+ "$ref": "#/definitions/CustomActionURLOperation"
}
},
"type": "object"
},
+ "LayerCustomActionTrigger": {
+ "enum": [
+ "DATA_POINT_CLICK",
+ "DATA_POINT_MENU"
+ ],
+ "type": "string"
+ },
+ "LayerMapVisual": {
+ "additionalProperties": false,
+ "properties": {
+ "ChartConfiguration": {},
+ "DataSetIdentifier": {
+ "maxLength": 2048,
+ "minLength": 1,
+ "type": "string"
+ },
+ "Subtitle": {
+ "$ref": "#/definitions/VisualSubtitleLabelOptions"
+ },
+ "Title": {
+ "$ref": "#/definitions/VisualTitleLabelOptions"
+ },
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
+ "VisualId": {
+ "maxLength": 512,
+ "minLength": 1,
+ "pattern": "^[\\w\\-]+$",
+ "type": "string"
+ }
+ },
+ "required": [
+ "DataSetIdentifier",
+ "VisualId"
+ ],
+ "type": "object"
+ },
"Layout": {
"additionalProperties": false,
"properties": {
@@ -5428,7 +5984,8 @@
"VISUAL",
"FILTER_CONTROL",
"PARAMETER_CONTROL",
- "TEXT_BOX"
+ "TEXT_BOX",
+ "IMAGE"
],
"type": "string"
},
@@ -5445,9 +6002,10 @@
"Title": {
"$ref": "#/definitions/LabelOptions"
},
- "Visibility": {
- "$ref": "#/definitions/Visibility"
+ "ValueFontConfiguration": {
+ "$ref": "#/definitions/FontConfiguration"
},
+ "Visibility": {},
"Width": {
"description": "String based length that is composed of value and unit in px",
"type": "string"
@@ -5530,6 +6088,9 @@
"minItems": 0,
"type": "array"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"Legend": {
"$ref": "#/definitions/LegendOptions"
},
@@ -5561,6 +6122,9 @@
"minItems": 0,
"type": "array"
},
+ "SingleAxisOptions": {
+ "$ref": "#/definitions/SingleAxisOptions"
+ },
"SmallMultiplesOptions": {
"$ref": "#/definitions/SmallMultiplesOptions"
},
@@ -5626,9 +6190,7 @@
"LineStyle": {
"$ref": "#/definitions/LineChartLineStyle"
},
- "LineVisibility": {
- "$ref": "#/definitions/Visibility"
- },
+ "LineVisibility": {},
"LineWidth": {
"description": "String based length that is composed of value and unit in px",
"type": "string"
@@ -5660,9 +6222,7 @@
"description": "String based length that is composed of value and unit in px",
"type": "string"
},
- "MarkerVisibility": {
- "$ref": "#/definitions/Visibility"
- }
+ "MarkerVisibility": {}
},
"type": "object"
},
@@ -5745,6 +6305,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -5803,27 +6368,21 @@
"ListControlSearchOptions": {
"additionalProperties": false,
"properties": {
- "Visibility": {
- "$ref": "#/definitions/Visibility"
- }
+ "Visibility": {}
},
"type": "object"
},
"ListControlSelectAllOptions": {
"additionalProperties": false,
"properties": {
- "Visibility": {
- "$ref": "#/definitions/Visibility"
- }
+ "Visibility": {}
},
"type": "object"
},
"LoadingAnimation": {
"additionalProperties": false,
"properties": {
- "Visibility": {
- "$ref": "#/definitions/Visibility"
- }
+ "Visibility": {}
},
"type": "object"
},
@@ -5889,9 +6448,7 @@
"MaximumLabelType": {
"additionalProperties": false,
"properties": {
- "Visibility": {
- "$ref": "#/definitions/Visibility"
- }
+ "Visibility": {}
},
"type": "object"
},
@@ -5978,9 +6535,7 @@
"MinimumLabelType": {
"additionalProperties": false,
"properties": {
- "Visibility": {
- "$ref": "#/definitions/Visibility"
- }
+ "Visibility": {}
},
"type": "object"
},
@@ -6020,6 +6575,34 @@
],
"type": "string"
},
+ "NestedFilter": {
+ "additionalProperties": false,
+ "properties": {
+ "Column": {
+ "$ref": "#/definitions/ColumnIdentifier"
+ },
+ "FilterId": {
+ "maxLength": 512,
+ "minLength": 1,
+ "pattern": "^[\\w\\-]+$",
+ "type": "string"
+ },
+ "IncludeInnerSet": {
+ "default": false,
+ "type": "boolean"
+ },
+ "InnerFilter": {
+ "$ref": "#/definitions/InnerFilter"
+ }
+ },
+ "required": [
+ "Column",
+ "FilterId",
+ "IncludeInnerSet",
+ "InnerFilter"
+ ],
+ "type": "object"
+ },
"NullValueFormatConfiguration": {
"additionalProperties": false,
"properties": {
@@ -6081,7 +6664,9 @@
"THOUSANDS",
"MILLIONS",
"BILLIONS",
- "TRILLIONS"
+ "TRILLIONS",
+ "LAKHS",
+ "CRORES"
],
"type": "string"
},
@@ -6372,9 +6957,7 @@
"pattern": "^#[A-F0-9]{6}(?:[A-F0-9]{2})?$",
"type": "string"
},
- "BackgroundVisibility": {
- "$ref": "#/definitions/Visibility"
- },
+ "BackgroundVisibility": {},
"BorderColor": {
"pattern": "^#[A-F0-9]{6}(?:[A-F0-9]{2})?$",
"type": "string"
@@ -6386,16 +6969,12 @@
"description": "String based length that is composed of value and unit in px",
"type": "string"
},
- "BorderVisibility": {
- "$ref": "#/definitions/Visibility"
- },
+ "BorderVisibility": {},
"GutterSpacing": {
"description": "String based length that is composed of value and unit in px",
"type": "string"
},
- "GutterVisibility": {
- "$ref": "#/definitions/Visibility"
- },
+ "GutterVisibility": {},
"Title": {
"$ref": "#/definitions/PanelTitleOptions"
}
@@ -6411,9 +6990,7 @@
"HorizontalTextAlignment": {
"$ref": "#/definitions/HorizontalTextAlignment"
},
- "Visibility": {
- "$ref": "#/definitions/Visibility"
- }
+ "Visibility": {}
},
"type": "object"
},
@@ -6519,6 +7096,9 @@
"CascadingControlConfiguration": {
"$ref": "#/definitions/CascadingControlConfiguration"
},
+ "CommitMode": {
+ "$ref": "#/definitions/CommitMode"
+ },
"DisplayOptions": {
"$ref": "#/definitions/DropDownControlDisplayOptions"
},
@@ -6891,6 +7471,9 @@
"FieldWells": {
"$ref": "#/definitions/PieChartFieldWells"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"Legend": {
"$ref": "#/definitions/LegendOptions"
},
@@ -6977,6 +7560,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -7114,6 +7702,9 @@
"FieldWells": {
"$ref": "#/definitions/PivotTableFieldWells"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"PaginatedReportOptions": {
"$ref": "#/definitions/PivotTablePaginatedReportOptions"
},
@@ -7211,9 +7802,7 @@
"minLength": 1,
"type": "string"
},
- "Visibility": {
- "$ref": "#/definitions/Visibility"
- }
+ "Visibility": {}
},
"required": [
"FieldId"
@@ -7281,15 +7870,11 @@
"CellStyle": {
"$ref": "#/definitions/TableCellStyle"
},
- "CollapsedRowDimensionsVisibility": {
- "$ref": "#/definitions/Visibility"
- },
+ "CollapsedRowDimensionsVisibility": {},
"ColumnHeaderStyle": {
"$ref": "#/definitions/TableCellStyle"
},
- "ColumnNamesVisibility": {
- "$ref": "#/definitions/Visibility"
- },
+ "ColumnNamesVisibility": {},
"DefaultCellWidth": {
"description": "String based length that is composed of value and unit in px",
"type": "string"
@@ -7312,24 +7897,16 @@
"RowsLayout": {
"$ref": "#/definitions/PivotTableRowsLayout"
},
- "SingleMetricVisibility": {
- "$ref": "#/definitions/Visibility"
- },
- "ToggleButtonsVisibility": {
- "$ref": "#/definitions/Visibility"
- }
+ "SingleMetricVisibility": {},
+ "ToggleButtonsVisibility": {}
},
"type": "object"
},
"PivotTablePaginatedReportOptions": {
"additionalProperties": false,
"properties": {
- "OverflowColumnHeaderVisibility": {
- "$ref": "#/definitions/Visibility"
- },
- "VerticalOverflowVisibility": {
- "$ref": "#/definitions/Visibility"
- }
+ "OverflowColumnHeaderVisibility": {},
+ "VerticalOverflowVisibility": {}
},
"type": "object"
},
@@ -7341,9 +7918,7 @@
"minLength": 1,
"type": "string"
},
- "Visibility": {
- "$ref": "#/definitions/Visibility"
- }
+ "Visibility": {}
},
"type": "object"
},
@@ -7432,6 +8007,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -7470,15 +8050,166 @@
"TotalCellStyle": {
"$ref": "#/definitions/TableCellStyle"
},
- "TotalsVisibility": {
- "$ref": "#/definitions/Visibility"
- },
+ "TotalsVisibility": {},
"ValueCellStyle": {
"$ref": "#/definitions/TableCellStyle"
}
},
"type": "object"
},
+ "PluginVisual": {
+ "additionalProperties": false,
+ "properties": {
+ "ChartConfiguration": {
+ "$ref": "#/definitions/PluginVisualConfiguration"
+ },
+ "PluginArn": {
+ "type": "string"
+ },
+ "Subtitle": {
+ "$ref": "#/definitions/VisualSubtitleLabelOptions"
+ },
+ "Title": {
+ "$ref": "#/definitions/VisualTitleLabelOptions"
+ },
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
+ "VisualId": {
+ "maxLength": 512,
+ "minLength": 1,
+ "pattern": "^[\\w\\-]+$",
+ "type": "string"
+ }
+ },
+ "required": [
+ "PluginArn",
+ "VisualId"
+ ],
+ "type": "object"
+ },
+ "PluginVisualAxisName": {
+ "enum": [
+ "GROUP_BY",
+ "VALUE"
+ ],
+ "type": "string"
+ },
+ "PluginVisualConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "FieldWells": {
+ "items": {
+ "$ref": "#/definitions/PluginVisualFieldWell"
+ },
+ "maxItems": 10,
+ "minItems": 0,
+ "type": "array"
+ },
+ "SortConfiguration": {
+ "$ref": "#/definitions/PluginVisualSortConfiguration"
+ },
+ "VisualOptions": {
+ "$ref": "#/definitions/PluginVisualOptions"
+ }
+ },
+ "type": "object"
+ },
+ "PluginVisualFieldWell": {
+ "additionalProperties": false,
+ "properties": {
+ "AxisName": {
+ "$ref": "#/definitions/PluginVisualAxisName"
+ },
+ "Dimensions": {
+ "items": {
+ "$ref": "#/definitions/DimensionField"
+ },
+ "maxItems": 200,
+ "minItems": 0,
+ "type": "array"
+ },
+ "Measures": {
+ "items": {
+ "$ref": "#/definitions/MeasureField"
+ },
+ "maxItems": 200,
+ "minItems": 0,
+ "type": "array"
+ },
+ "Unaggregated": {
+ "items": {
+ "$ref": "#/definitions/UnaggregatedField"
+ },
+ "maxItems": 200,
+ "minItems": 0,
+ "type": "array"
+ }
+ },
+ "type": "object"
+ },
+ "PluginVisualItemsLimitConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "ItemsLimit": {
+ "default": null,
+ "type": "number"
+ }
+ },
+ "type": "object"
+ },
+ "PluginVisualOptions": {
+ "additionalProperties": false,
+ "properties": {
+ "VisualProperties": {
+ "items": {
+ "$ref": "#/definitions/PluginVisualProperty"
+ },
+ "type": "array"
+ }
+ },
+ "type": "object"
+ },
+ "PluginVisualProperty": {
+ "additionalProperties": false,
+ "properties": {
+ "Name": {
+ "type": "string"
+ },
+ "Value": {
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "PluginVisualSortConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "PluginVisualTableQuerySort": {
+ "$ref": "#/definitions/PluginVisualTableQuerySort"
+ }
+ },
+ "type": "object"
+ },
+ "PluginVisualTableQuerySort": {
+ "additionalProperties": false,
+ "properties": {
+ "ItemsLimitConfiguration": {
+ "$ref": "#/definitions/PluginVisualItemsLimitConfiguration"
+ },
+ "RowSort": {
+ "items": {
+ "$ref": "#/definitions/FieldSortOptions"
+ },
+ "maxItems": 100,
+ "minItems": 0,
+ "type": "array"
+ }
+ },
+ "type": "object"
+ },
"PredefinedHierarchy": {
"additionalProperties": false,
"properties": {
@@ -7521,8 +8252,22 @@
"ProgressBarOptions": {
"additionalProperties": false,
"properties": {
- "Visibility": {
- "$ref": "#/definitions/Visibility"
+ "Visibility": {}
+ },
+ "type": "object"
+ },
+ "QueryExecutionMode": {
+ "enum": [
+ "AUTO",
+ "MANUAL"
+ ],
+ "type": "string"
+ },
+ "QueryExecutionOptions": {
+ "additionalProperties": false,
+ "properties": {
+ "QueryExecutionMode": {
+ "$ref": "#/definitions/QueryExecutionMode"
}
},
"type": "object"
@@ -7560,9 +8305,7 @@
"RadarChartAreaStyleSettings": {
"additionalProperties": false,
"properties": {
- "Visibility": {
- "$ref": "#/definitions/Visibility"
- }
+ "Visibility": {}
},
"type": "object"
},
@@ -7577,9 +8320,7 @@
"RadarChartConfiguration": {
"additionalProperties": false,
"properties": {
- "AlternateBandColorsVisibility": {
- "$ref": "#/definitions/Visibility"
- },
+ "AlternateBandColorsVisibility": {},
"AlternateBandEvenColor": {
"pattern": "^#[A-F0-9]{6}$",
"type": "string"
@@ -7609,6 +8350,9 @@
"FieldWells": {
"$ref": "#/definitions/RadarChartFieldWells"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"Legend": {
"$ref": "#/definitions/LegendOptions"
},
@@ -7710,6 +8454,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -7725,9 +8474,7 @@
"RangeEndsLabelType": {
"additionalProperties": false,
"properties": {
- "Visibility": {
- "$ref": "#/definitions/Visibility"
- }
+ "Visibility": {}
},
"type": "object"
},
@@ -8137,6 +8884,9 @@
"FieldWells": {
"$ref": "#/definitions/SankeyDiagramFieldWells"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"SortConfiguration": {
"$ref": "#/definitions/SankeyDiagramSortConfiguration"
}
@@ -8192,6 +8942,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -8259,9 +9014,15 @@
"FieldWells": {
"$ref": "#/definitions/ScatterPlotFieldWells"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"Legend": {
"$ref": "#/definitions/LegendOptions"
},
+ "SortConfiguration": {
+ "$ref": "#/definitions/ScatterPlotSortConfiguration"
+ },
"Tooltip": {
"$ref": "#/definitions/TooltipOptions"
},
@@ -8295,6 +9056,15 @@
},
"type": "object"
},
+ "ScatterPlotSortConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "ScatterPlotLimitConfiguration": {
+ "$ref": "#/definitions/ItemsLimitConfiguration"
+ }
+ },
+ "type": "object"
+ },
"ScatterPlotUnaggregatedFieldWells": {
"additionalProperties": false,
"properties": {
@@ -8369,6 +9139,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -8384,9 +9159,7 @@
"ScrollBarOptions": {
"additionalProperties": false,
"properties": {
- "Visibility": {
- "$ref": "#/definitions/Visibility"
- },
+ "Visibility": {},
"VisibleRange": {
"$ref": "#/definitions/VisibleRangeOptions"
}
@@ -8396,9 +9169,7 @@
"SecondaryValueOptions": {
"additionalProperties": false,
"properties": {
- "Visibility": {
- "$ref": "#/definitions/Visibility"
- }
+ "Visibility": {}
},
"type": "object"
},
@@ -8633,9 +9404,7 @@
"minLength": 1,
"type": "string"
},
- "Visibility": {
- "$ref": "#/definitions/Visibility"
- }
+ "Visibility": {}
},
"type": "object"
},
@@ -8693,6 +9462,14 @@
"minItems": 0,
"type": "array"
},
+ "Images": {
+ "items": {
+ "$ref": "#/definitions/SheetImage"
+ },
+ "maxItems": 10,
+ "minItems": 0,
+ "type": "array"
+ },
"Layouts": {
"items": {
"$ref": "#/definitions/Layout"
@@ -8758,9 +9535,7 @@
"SheetElementConfigurationOverrides": {
"additionalProperties": false,
"properties": {
- "Visibility": {
- "$ref": "#/definitions/Visibility"
- }
+ "Visibility": {}
},
"type": "object"
},
@@ -8782,6 +9557,110 @@
],
"type": "object"
},
+ "SheetImage": {
+ "additionalProperties": false,
+ "properties": {
+ "Actions": {
+ "items": {
+ "$ref": "#/definitions/ImageCustomAction"
+ },
+ "maxItems": 10,
+ "minItems": 0,
+ "type": "array"
+ },
+ "ImageContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
+ "Interactions": {
+ "$ref": "#/definitions/ImageInteractionOptions"
+ },
+ "Scaling": {
+ "$ref": "#/definitions/SheetImageScalingConfiguration"
+ },
+ "SheetImageId": {
+ "maxLength": 512,
+ "minLength": 1,
+ "pattern": "^[\\w\\-]+$",
+ "type": "string"
+ },
+ "Source": {
+ "$ref": "#/definitions/SheetImageSource"
+ },
+ "Tooltip": {
+ "$ref": "#/definitions/SheetImageTooltipConfiguration"
+ }
+ },
+ "required": [
+ "SheetImageId",
+ "Source"
+ ],
+ "type": "object"
+ },
+ "SheetImageScalingConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "ScalingType": {
+ "$ref": "#/definitions/SheetImageScalingType"
+ }
+ },
+ "type": "object"
+ },
+ "SheetImageScalingType": {
+ "enum": [
+ "SCALE_TO_WIDTH",
+ "SCALE_TO_HEIGHT",
+ "SCALE_TO_CONTAINER",
+ "SCALE_NONE"
+ ],
+ "type": "string"
+ },
+ "SheetImageSource": {
+ "additionalProperties": false,
+ "properties": {
+ "SheetImageStaticFileSource": {
+ "$ref": "#/definitions/SheetImageStaticFileSource"
+ }
+ },
+ "type": "object"
+ },
+ "SheetImageStaticFileSource": {
+ "additionalProperties": false,
+ "properties": {
+ "StaticFileId": {
+ "maxLength": 512,
+ "minLength": 1,
+ "pattern": "^[\\w\\-]+$",
+ "type": "string"
+ }
+ },
+ "required": [
+ "StaticFileId"
+ ],
+ "type": "object"
+ },
+ "SheetImageTooltipConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "TooltipText": {
+ "$ref": "#/definitions/SheetImageTooltipText"
+ },
+ "Visibility": {}
+ },
+ "type": "object"
+ },
+ "SheetImageTooltipText": {
+ "additionalProperties": false,
+ "properties": {
+ "PlainText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
"SheetTextBox": {
"additionalProperties": false,
"properties": {
@@ -8891,6 +9770,21 @@
],
"type": "string"
},
+ "SingleAxisOptions": {
+ "additionalProperties": false,
+ "properties": {
+ "YAxisOptions": {
+ "$ref": "#/definitions/YAxisOptions"
+ }
+ },
+ "type": "object"
+ },
+ "SingleYAxisOption": {
+ "enum": [
+ "PRIMARY_Y_AXIS"
+ ],
+ "type": "string"
+ },
"SliderControlDisplayOptions": {
"additionalProperties": false,
"properties": {
@@ -8983,6 +9877,24 @@
},
"type": "object"
},
+ "SpatialStaticFile": {
+ "additionalProperties": false,
+ "properties": {
+ "Source": {
+ "$ref": "#/definitions/StaticFileSource"
+ },
+ "StaticFileId": {
+ "maxLength": 512,
+ "minLength": 1,
+ "pattern": "^[\\w\\-]+$",
+ "type": "string"
+ }
+ },
+ "required": [
+ "StaticFileId"
+ ],
+ "type": "object"
+ },
"SpecialValue": {
"enum": [
"EMPTY",
@@ -8991,6 +9903,62 @@
],
"type": "string"
},
+ "StaticFile": {
+ "additionalProperties": false,
+ "properties": {
+ "ImageStaticFile": {
+ "$ref": "#/definitions/ImageStaticFile"
+ },
+ "SpatialStaticFile": {
+ "$ref": "#/definitions/SpatialStaticFile"
+ }
+ },
+ "type": "object"
+ },
+ "StaticFileS3SourceOptions": {
+ "additionalProperties": false,
+ "properties": {
+ "BucketName": {
+ "type": "string"
+ },
+ "ObjectKey": {
+ "type": "string"
+ },
+ "Region": {
+ "type": "string"
+ }
+ },
+ "required": [
+ "BucketName",
+ "ObjectKey",
+ "Region"
+ ],
+ "type": "object"
+ },
+ "StaticFileSource": {
+ "additionalProperties": false,
+ "properties": {
+ "S3Options": {
+ "$ref": "#/definitions/StaticFileS3SourceOptions"
+ },
+ "UrlOptions": {
+ "$ref": "#/definitions/StaticFileUrlSourceOptions"
+ }
+ },
+ "type": "object"
+ },
+ "StaticFileUrlSourceOptions": {
+ "additionalProperties": false,
+ "properties": {
+ "Url": {
+ "type": "string"
+ }
+ },
+ "required": [
+ "Url"
+ ],
+ "type": "object"
+ },
"StringDefaultValues": {
"additionalProperties": false,
"properties": {
@@ -9104,9 +10072,7 @@
"TotalCellStyle": {
"$ref": "#/definitions/TableCellStyle"
},
- "TotalsVisibility": {
- "$ref": "#/definitions/Visibility"
- },
+ "TotalsVisibility": {},
"ValueCellStyle": {
"$ref": "#/definitions/TableCellStyle"
}
@@ -9221,9 +10187,7 @@
"VerticalTextAlignment": {
"$ref": "#/definitions/VerticalTextAlignment"
},
- "Visibility": {
- "$ref": "#/definitions/Visibility"
- }
+ "Visibility": {}
},
"type": "object"
},
@@ -9262,6 +10226,9 @@
"FieldWells": {
"$ref": "#/definitions/TableFieldWells"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"PaginatedReportOptions": {
"$ref": "#/definitions/TablePaginatedReportOptions"
},
@@ -9368,9 +10335,7 @@
"URLStyling": {
"$ref": "#/definitions/TableFieldURLConfiguration"
},
- "Visibility": {
- "$ref": "#/definitions/Visibility"
- },
+ "Visibility": {},
"Width": {
"description": "String based length that is composed of value and unit in px",
"type": "string"
@@ -9404,6 +10369,14 @@
"maxItems": 100,
"minItems": 0,
"type": "array"
+ },
+ "TransposedTableOptions": {
+ "items": {
+ "$ref": "#/definitions/TransposedTableOption"
+ },
+ "maxItems": 10001,
+ "minItems": 0,
+ "type": "array"
}
},
"type": "object"
@@ -9469,12 +10442,8 @@
"TablePaginatedReportOptions": {
"additionalProperties": false,
"properties": {
- "OverflowColumnHeaderVisibility": {
- "$ref": "#/definitions/Visibility"
- },
- "VerticalOverflowVisibility": {
- "$ref": "#/definitions/Visibility"
- }
+ "OverflowColumnHeaderVisibility": {},
+ "VerticalOverflowVisibility": {}
},
"type": "object"
},
@@ -9611,6 +10580,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -9844,6 +10818,9 @@
"minItems": 0,
"type": "array"
},
+ "QueryExecutionOptions": {
+ "$ref": "#/definitions/QueryExecutionOptions"
+ },
"Sheets": {
"items": {
"$ref": "#/definitions/SheetDefinition"
@@ -9891,9 +10868,7 @@
"TextControlPlaceholderOptions": {
"additionalProperties": false,
"properties": {
- "Visibility": {
- "$ref": "#/definitions/Visibility"
- }
+ "Visibility": {}
},
"type": "object"
},
@@ -9922,12 +10897,13 @@
"ThousandSeparatorOptions": {
"additionalProperties": false,
"properties": {
+ "GroupingStyle": {
+ "$ref": "#/definitions/DigitGroupingStyle"
+ },
"Symbol": {
"$ref": "#/definitions/NumericSeparatorSymbol"
},
- "Visibility": {
- "$ref": "#/definitions/Visibility"
- }
+ "Visibility": {}
},
"type": "object"
},
@@ -10129,12 +11105,18 @@
"SelectedTooltipType": {
"$ref": "#/definitions/SelectedTooltipType"
},
- "TooltipVisibility": {
- "$ref": "#/definitions/Visibility"
- }
+ "TooltipVisibility": {}
},
"type": "object"
},
+ "TooltipTarget": {
+ "enum": [
+ "BOTH",
+ "BAR",
+ "LINE"
+ ],
+ "type": "string"
+ },
"TooltipTitleType": {
"enum": [
"NONE",
@@ -10345,10 +11327,36 @@
"TotalCellStyle": {
"$ref": "#/definitions/TableCellStyle"
},
- "TotalsVisibility": {
- "$ref": "#/definitions/Visibility"
+ "TotalsVisibility": {}
+ },
+ "type": "object"
+ },
+ "TransposedColumnType": {
+ "enum": [
+ "ROW_HEADER_COLUMN",
+ "VALUE_COLUMN"
+ ],
+ "type": "string"
+ },
+ "TransposedTableOption": {
+ "additionalProperties": false,
+ "properties": {
+ "ColumnIndex": {
+ "maximum": 9999,
+ "minimum": 0,
+ "type": "number"
+ },
+ "ColumnType": {
+ "$ref": "#/definitions/TransposedColumnType"
+ },
+ "ColumnWidth": {
+ "description": "String based length that is composed of value and unit in px",
+ "type": "string"
}
},
+ "required": [
+ "ColumnType"
+ ],
"type": "object"
},
"TreeMapAggregatedFieldWells": {
@@ -10399,6 +11407,9 @@
"GroupLabelOptions": {
"$ref": "#/definitions/ChartAxisLabelOptions"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"Legend": {
"$ref": "#/definitions/LegendOptions"
},
@@ -10468,6 +11479,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -10483,9 +11499,7 @@
"TrendArrowOptions": {
"additionalProperties": false,
"properties": {
- "Visibility": {
- "$ref": "#/definitions/Visibility"
- }
+ "Visibility": {}
},
"type": "object"
},
@@ -10642,6 +11656,9 @@
"PivotTableVisual": {
"$ref": "#/definitions/PivotTableVisual"
},
+ "PluginVisual": {
+ "$ref": "#/definitions/PluginVisual"
+ },
"RadarChartVisual": {
"$ref": "#/definitions/RadarChartVisual"
},
@@ -10728,6 +11745,27 @@
],
"type": "string"
},
+ "VisualInteractionOptions": {
+ "additionalProperties": false,
+ "properties": {
+ "ContextMenuOption": {
+ "$ref": "#/definitions/ContextMenuOption"
+ },
+ "VisualMenuOption": {
+ "$ref": "#/definitions/VisualMenuOption"
+ }
+ },
+ "type": "object"
+ },
+ "VisualMenuOption": {
+ "additionalProperties": false,
+ "properties": {
+ "AvailabilityStatus": {
+ "$ref": "#/definitions/DashboardBehavior"
+ }
+ },
+ "type": "object"
+ },
"VisualPalette": {
"additionalProperties": false,
"properties": {
@@ -10752,9 +11790,7 @@
"FormatText": {
"$ref": "#/definitions/LongFormatText"
},
- "Visibility": {
- "$ref": "#/definitions/Visibility"
- }
+ "Visibility": {}
},
"type": "object"
},
@@ -10764,9 +11800,7 @@
"FormatText": {
"$ref": "#/definitions/ShortFormatText"
},
- "Visibility": {
- "$ref": "#/definitions/Visibility"
- }
+ "Visibility": {}
},
"type": "object"
},
@@ -10827,6 +11861,9 @@
"FieldWells": {
"$ref": "#/definitions/WaterfallChartFieldWells"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"Legend": {
"$ref": "#/definitions/LegendOptions"
},
@@ -10929,6 +11966,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -11020,6 +12062,9 @@
"FieldWells": {
"$ref": "#/definitions/WordCloudFieldWells"
},
+ "Interactions": {
+ "$ref": "#/definitions/VisualInteractionOptions"
+ },
"SortConfiguration": {
"$ref": "#/definitions/WordCloudSortConfiguration"
},
@@ -11116,6 +12161,11 @@
"Title": {
"$ref": "#/definitions/VisualTitleLabelOptions"
},
+ "VisualContentAltText": {
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
"VisualId": {
"maxLength": 512,
"minLength": 1,
@@ -11157,6 +12207,18 @@
"NORMAL"
],
"type": "string"
+ },
+ "YAxisOptions": {
+ "additionalProperties": false,
+ "properties": {
+ "YAxis": {
+ "$ref": "#/definitions/SingleYAxisOption"
+ }
+ },
+ "required": [
+ "YAxis"
+ ],
+ "type": "object"
}
},
"description": "Definition of the AWS::QuickSight::Template Resource Type.",
@@ -11294,6 +12356,18 @@
"TemplateId"
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-quicksight",
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "quicksight:TagResource",
+ "quicksight:UntagResource",
+ "quicksight:ListTagsForResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
"typeName": "AWS::QuickSight::Template",
"writeOnlyProperties": [
"/properties/Definition",
diff --git a/schema/aws-quicksight-theme.json b/schema/aws-quicksight-theme.json
index 2df8683..8f35348 100644
--- a/schema/aws-quicksight-theme.json
+++ b/schema/aws-quicksight-theme.json
@@ -517,10 +517,17 @@
"Name"
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-quicksight",
- "typeName": "AWS::QuickSight::Theme",
- "writeOnlyProperties": [
- "/properties/BaseThemeId",
- "/properties/Configuration",
- "/properties/VersionDescription"
- ]
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "quicksight:TagResource",
+ "quicksight:UntagResource",
+ "quicksight:ListTagsForResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
+ "typeName": "AWS::QuickSight::Theme"
}
diff --git a/schema/aws-quicksight-topic.json b/schema/aws-quicksight-topic.json
index 0f76d13..3b91c33 100644
--- a/schema/aws-quicksight-topic.json
+++ b/schema/aws-quicksight-topic.json
@@ -2,6 +2,7 @@
"additionalProperties": false,
"createOnlyProperties": [
"/properties/AwsAccountId",
+ "/properties/FolderArns",
"/properties/TopicId"
],
"definitions": {
@@ -390,7 +391,9 @@
"THOUSANDS",
"MILLIONS",
"BILLIONS",
- "TRILLIONS"
+ "TRILLIONS",
+ "LAKHS",
+ "CRORES"
],
"type": "string"
},
@@ -684,6 +687,16 @@
],
"type": "object"
},
+ "TopicConfigOptions": {
+ "additionalProperties": false,
+ "description": "Model for configuration of a Topic",
+ "properties": {
+ "QBusinessInsightsEnabled": {
+ "type": "boolean"
+ }
+ },
+ "type": "object"
+ },
"TopicDateRangeFilter": {
"additionalProperties": false,
"properties": {
@@ -700,6 +713,9 @@
"TopicDetails": {
"additionalProperties": false,
"properties": {
+ "ConfigOptions": {
+ "$ref": "#/definitions/TopicConfigOptions"
+ },
"DataSets": {
"items": {
"$ref": "#/definitions/DatasetMetadata"
@@ -983,6 +999,9 @@
"pattern": "^[0-9]{12}$",
"type": "string"
},
+ "ConfigOptions": {
+ "$ref": "#/definitions/TopicConfigOptions"
+ },
"DataSets": {
"items": {
"$ref": "#/definitions/DatasetMetadata"
@@ -994,6 +1013,14 @@
"minLength": 0,
"type": "string"
},
+ "FolderArns": {
+ "items": {
+ "type": "string"
+ },
+ "maxItems": 20,
+ "minItems": 0,
+ "type": "array"
+ },
"Name": {
"maxLength": 128,
"minLength": 1,
@@ -1018,5 +1045,8 @@
"tagUpdatable": false,
"taggable": false
},
- "typeName": "AWS::QuickSight::Topic"
+ "typeName": "AWS::QuickSight::Topic",
+ "writeOnlyProperties": [
+ "/properties/FolderArns"
+ ]
}
diff --git a/schema/aws-quicksight-vpcconnection.json b/schema/aws-quicksight-vpcconnection.json
index 2e0f38b..b5dc487 100644
--- a/schema/aws-quicksight-vpcconnection.json
+++ b/schema/aws-quicksight-vpcconnection.json
@@ -249,6 +249,11 @@
],
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "quicksight:TagResource",
+ "quicksight:UntagResource",
+ "quicksight:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-ram-permission.json b/schema/aws-ram-permission.json
index c6126c8..9c9dfa3 100644
--- a/schema/aws-ram-permission.json
+++ b/schema/aws-ram-permission.json
@@ -121,7 +121,12 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-ram",
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "ram:TagResource",
+ "ram:UntagResource"
+ ],
"tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
"tagUpdatable": true,
"taggable": true
},
diff --git a/schema/aws-ram-resourceshare.json b/schema/aws-ram-resourceshare.json
index 1f3070f..996c93e 100644
--- a/schema/aws-ram-resourceshare.json
+++ b/schema/aws-ram-resourceshare.json
@@ -3,80 +3,143 @@
"definitions": {
"Tag": {
"additionalProperties": false,
+ "description": "A key-value pair to associate with a resource.",
"properties": {
"Key": {
+ "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.",
"type": "string"
},
"Value": {
+ "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.",
"type": "string"
}
},
"required": [
- "Value",
- "Key"
+ "Key",
+ "Value"
],
"type": "object"
}
},
- "description": "Resource Type definition for AWS::RAM::ResourceShare",
+ "description": "Resource type definition for AWS::RAM::ResourceShare",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "ram:CreateResourceShare",
+ "ram:TagResource"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "ram:DeleteResourceShare",
+ "ram:GetResourceShares"
+ ]
+ },
+ "list": {
+ "permissions": [
+ "ram:GetResourceShares"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "ram:GetResourceShares"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "ram:GetPermission",
+ "ram:GetResourceShares",
+ "ram:GetResourceShareAssociations",
+ "ram:ListResourceSharePermissions",
+ "ram:UpdateResourceShare",
+ "ram:AssociateResourceSharePermission",
+ "ram:AssociateResourceShare",
+ "ram:DisassociateResourceShare",
+ "ram:UntagResource",
+ "ram:TagResource"
+ ]
+ }
+ },
"primaryIdentifier": [
- "/properties/Id"
+ "/properties/Arn"
],
"properties": {
"AllowExternalPrincipals": {
+ "description": "Specifies whether principals outside your organization in AWS Organizations can be associated with a resource share. A value of `true` lets you share with individual AWS accounts that are not in your organization. A value of `false` only has meaning if your account is a member of an AWS Organization. The default value is `true`.",
"type": "boolean"
},
"Arn": {
"type": "string"
},
- "Id": {
- "type": "string"
- },
"Name": {
+ "description": "Specifies the name of the resource share.",
"type": "string"
},
"PermissionArns": {
+ "description": "Specifies the [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) of the AWS RAM permission to associate with the resource share. If you do not specify an ARN for the permission, AWS RAM automatically attaches the default version of the permission for each resource type. You can associate only one permission with each resource type included in the resource share.",
+ "insertionOrder": false,
"items": {
"type": "string"
},
- "type": "array",
- "uniqueItems": false
+ "type": "array"
},
"Principals": {
+ "description": "Specifies the principals to associate with the resource share. The possible values are:\n\n- An AWS account ID\n\n- An Amazon Resource Name (ARN) of an organization in AWS Organizations\n\n- An ARN of an organizational unit (OU) in AWS Organizations\n\n- An ARN of an IAM role\n\n- An ARN of an IAM user",
+ "insertionOrder": false,
"items": {
"type": "string"
},
- "type": "array",
- "uniqueItems": false
+ "type": "array"
},
"ResourceArns": {
+ "description": "Specifies a list of one or more ARNs of the resources to associate with the resource share.",
+ "insertionOrder": false,
"items": {
"type": "string"
},
- "type": "array",
- "uniqueItems": false
+ "type": "array"
},
"Sources": {
+ "description": "Specifies from which source accounts the service principal has access to the resources in this resource share.",
+ "insertionOrder": false,
"items": {
"type": "string"
},
- "type": "array",
- "uniqueItems": false
+ "type": "array"
},
"Tags": {
+ "description": "Specifies one or more tags to attach to the resource share itself. It doesn't attach the tags to the resources associated with the resource share.",
+ "insertionOrder": false,
"items": {
"$ref": "#/definitions/Tag"
},
"type": "array",
- "uniqueItems": false
+ "uniqueItems": true
}
},
"readOnlyProperties": [
- "/properties/Id",
"/properties/Arn"
],
"required": [
"Name"
],
- "typeName": "AWS::RAM::ResourceShare"
+ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-ram",
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "ram:TagResource",
+ "ram:UntagResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
+ "typeName": "AWS::RAM::ResourceShare",
+ "writeOnlyProperties": [
+ "/properties/PermissionArns",
+ "/properties/Principals",
+ "/properties/ResourceArns",
+ "/properties/Sources"
+ ]
}
diff --git a/schema/aws-rbin-rule.json b/schema/aws-rbin-rule.json
new file mode 100644
index 0000000..d7d94ed
--- /dev/null
+++ b/schema/aws-rbin-rule.json
@@ -0,0 +1,271 @@
+{
+ "additionalIdentifiers": [
+ [
+ "/properties/Identifier"
+ ]
+ ],
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/ResourceType"
+ ],
+ "definitions": {
+ "ResourceTag": {
+ "additionalProperties": false,
+ "description": "The resource tag of the rule.",
+ "properties": {
+ "ResourceTagKey": {
+ "description": "The tag key of the resource.",
+ "maxLength": 128,
+ "minLength": 1,
+ "type": "string"
+ },
+ "ResourceTagValue": {
+ "description": "The tag value of the resource",
+ "maxLength": 256,
+ "minLength": 0,
+ "type": "string"
+ }
+ },
+ "required": [
+ "ResourceTagKey",
+ "ResourceTagValue"
+ ],
+ "type": "object"
+ },
+ "RetentionPeriod": {
+ "additionalProperties": false,
+ "description": "The retention period of the rule.",
+ "properties": {
+ "RetentionPeriodUnit": {
+ "description": "The retention period unit of the rule",
+ "enum": [
+ "DAYS"
+ ],
+ "type": "string"
+ },
+ "RetentionPeriodValue": {
+ "description": "The retention period value of the rule.",
+ "maximum": 3650,
+ "minimum": 1,
+ "type": "integer"
+ }
+ },
+ "required": [
+ "RetentionPeriodValue",
+ "RetentionPeriodUnit"
+ ],
+ "type": "object"
+ },
+ "Tag": {
+ "additionalProperties": false,
+ "description": "Metadata of a retention rule, consisting of a key-value pair.",
+ "properties": {
+ "Key": {
+ "description": "A unique identifier for the tag.",
+ "maxLength": 128,
+ "minLength": 1,
+ "type": "string"
+ },
+ "Value": {
+ "description": "String which you can use to describe or define the tag.",
+ "maxLength": 256,
+ "minLength": 0,
+ "type": "string"
+ }
+ },
+ "required": [
+ "Key",
+ "Value"
+ ],
+ "type": "object"
+ },
+ "UnlockDelay": {
+ "additionalProperties": false,
+ "properties": {
+ "UnlockDelayUnit": {
+ "description": "The unit of time in which to measure the unlock delay. Currently, the unlock delay can be measure only in days.",
+ "enum": [
+ "DAYS"
+ ],
+ "type": "string"
+ },
+ "UnlockDelayValue": {
+ "description": "The unlock delay period, measured in the unit specified for UnlockDelayUnit.",
+ "maximum": 30,
+ "minimum": 7,
+ "type": "integer"
+ }
+ },
+ "type": "object"
+ }
+ },
+ "description": "Resource Type definition for AWS::Rbin::Rule",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "rbin:CreateRule",
+ "rbin:GetRule",
+ "rbin:LockRule",
+ "rbin:TagResource",
+ "iam:PassRole"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "rbin:GetRule",
+ "rbin:DeleteRule",
+ "iam:PassRole"
+ ]
+ },
+ "list": {
+ "handlerSchema": {
+ "properties": {
+ "ExcludeResourceTags": {
+ "$ref": "resource-schema.json#/properties/ExcludeResourceTags"
+ },
+ "LockState": {
+ "$ref": "resource-schema.json#/properties/LockState"
+ },
+ "ResourceTags": {
+ "$ref": "resource-schema.json#/properties/ResourceTags"
+ },
+ "ResourceType": {
+ "$ref": "resource-schema.json#/properties/ResourceType"
+ }
+ },
+ "required": [
+ "ResourceType"
+ ]
+ },
+ "permissions": [
+ "rbin:ListRules",
+ "rbin:ListTagsForResource",
+ "iam:PassRole"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "rbin:GetRule",
+ "rbin:ListTagsForResource",
+ "iam:PassRole"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "rbin:GetRule",
+ "rbin:UpdateRule",
+ "rbin:LockRule",
+ "rbin:UnlockRule",
+ "rbin:TagResource",
+ "rbin:UntagResource",
+ "rbin:ListTagsForResource",
+ "iam:PassRole"
+ ]
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/Arn"
+ ],
+ "properties": {
+ "Arn": {
+ "description": "Rule Arn is unique for each rule.",
+ "maxLength": 1011,
+ "minLength": 0,
+ "type": "string"
+ },
+ "Description": {
+ "description": "The description of the retention rule.",
+ "maxLength": 255,
+ "type": "string"
+ },
+ "ExcludeResourceTags": {
+ "description": "Information about the exclude resource tags used to identify resources that are excluded by the retention rule.",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/ResourceTag"
+ },
+ "maxItems": 5,
+ "type": "array",
+ "uniqueItems": true
+ },
+ "Identifier": {
+ "description": "The unique ID of the retention rule.",
+ "pattern": "[0-9a-zA-Z]{11}",
+ "type": "string"
+ },
+ "LockConfiguration": {
+ "$ref": "#/definitions/UnlockDelay",
+ "description": "Information about the retention rule lock configuration."
+ },
+ "LockState": {
+ "description": "The lock state for the retention rule.",
+ "pattern": "locked|pending_unlock|unlocked",
+ "type": "string"
+ },
+ "ResourceTags": {
+ "description": "Information about the resource tags used to identify resources that are retained by the retention rule.",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/ResourceTag"
+ },
+ "maxItems": 50,
+ "type": "array",
+ "uniqueItems": true
+ },
+ "ResourceType": {
+ "description": "The resource type retained by the retention rule.",
+ "enum": [
+ "EBS_SNAPSHOT",
+ "EC2_IMAGE"
+ ],
+ "type": "string"
+ },
+ "RetentionPeriod": {
+ "$ref": "#/definitions/RetentionPeriod",
+ "description": "Information about the retention period for which the retention rule is to retain resources."
+ },
+ "Status": {
+ "description": "The state of the retention rule. Only retention rules that are in the available state retain resources.",
+ "pattern": "pending|available",
+ "type": "string"
+ },
+ "Tags": {
+ "description": "Information about the tags assigned to the retention rule.",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/Tag"
+ },
+ "maxItems": 200,
+ "type": "array",
+ "uniqueItems": true
+ }
+ },
+ "readOnlyProperties": [
+ "/properties/Arn",
+ "/properties/Identifier",
+ "/properties/LockState"
+ ],
+ "required": [
+ "RetentionPeriod",
+ "ResourceType"
+ ],
+ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-rbin",
+ "tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "rbin:TagResource",
+ "rbin:UntagResource",
+ "rbin:ListTagsForResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
+ "typeName": "AWS::Rbin::Rule",
+ "writeOnlyProperties": [
+ "/properties/LockConfiguration",
+ "/properties/LockConfiguration/UnlockDelayValue",
+ "/properties/LockConfiguration/UnlockDelayUnit"
+ ]
+}
diff --git a/schema/aws-rds-customdbengineversion.json b/schema/aws-rds-customdbengineversion.json
index de618cf..7517460 100644
--- a/schema/aws-rds-customdbengineversion.json
+++ b/schema/aws-rds-customdbengineversion.json
@@ -14,16 +14,16 @@
"definitions": {
"Tag": {
"additionalProperties": false,
- "description": "A key-value pair to associate with a resource.",
+ "description": "Metadata assigned to an Amazon RDS resource consisting of a key-value pair.\n For more information, see [Tagging Amazon RDS resources](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) in the *Amazon RDS User Guide* or [Tagging Amazon Aurora and Amazon RDS resources](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Tagging.html) in the *Amazon Aurora User Guide*.",
"properties": {
"Key": {
- "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.",
+ "description": "A key is the required name of the tag. The string value can be from 1 to 128 Unicode characters in length and can't be prefixed with ``aws:`` or ``rds:``. The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\").",
"maxLength": 128,
"minLength": 1,
"type": "string"
},
"Value": {
- "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.",
+ "description": "A value is the optional value of the tag. The string value can be from 1 to 256 Unicode characters in length and can't be prefixed with ``aws:`` or ``rds:``. The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\").",
"maxLength": 256,
"minLength": 0,
"type": "string"
@@ -35,7 +35,7 @@
"type": "object"
}
},
- "description": "The AWS::RDS::CustomDBEngineVersion resource creates an Amazon RDS custom DB engine version.",
+ "description": "Creates a custom DB engine version (CEV).",
"handlers": {
"create": {
"permissions": [
@@ -96,17 +96,17 @@
],
"properties": {
"DBEngineVersionArn": {
- "description": "The ARN of the custom engine version.",
+ "description": "",
"type": "string"
},
"DatabaseInstallationFilesS3BucketName": {
- "description": "The name of an Amazon S3 bucket that contains database installation files for your CEV. For example, a valid bucket name is `my-custom-installation-files`.",
+ "description": "The name of an Amazon S3 bucket that contains database installation files for your CEV. For example, a valid bucket name is ``my-custom-installation-files``.",
"maxLength": 63,
"minLength": 3,
"type": "string"
},
"DatabaseInstallationFilesS3Prefix": {
- "description": "The Amazon S3 directory that contains the database installation files for your CEV. For example, a valid bucket name is `123456789012/cev1`. If this setting isn't specified, no prefix is assumed.",
+ "description": "The Amazon S3 directory that contains the database installation files for your CEV. For example, a valid bucket name is ``123456789012/cev1``. If this setting isn't specified, no prefix is assumed.",
"maxLength": 255,
"minLength": 1,
"type": "string"
@@ -118,40 +118,40 @@
"type": "string"
},
"Engine": {
- "description": "The database engine to use for your custom engine version (CEV). The only supported value is `custom-oracle-ee`.",
+ "description": "The database engine to use for your custom engine version (CEV).\n Valid values:\n + ``custom-oracle-ee`` \n + ``custom-oracle-ee-cdb``",
"maxLength": 35,
"minLength": 1,
"type": "string"
},
"EngineVersion": {
- "description": "The name of your CEV. The name format is 19.customized_string . For example, a valid name is 19.my_cev1. This setting is required for RDS Custom for Oracle, but optional for Amazon RDS. The combination of Engine and EngineVersion is unique per customer per Region.",
+ "description": "The name of your CEV. The name format is ``major version.customized_string``. For example, a valid CEV name is ``19.my_cev1``. This setting is required for RDS Custom for Oracle, but optional for Amazon RDS. The combination of ``Engine`` and ``EngineVersion`` is unique per customer per Region.\n *Constraints:* Minimum length is 1. Maximum length is 60.\n *Pattern:* ``^[a-z0-9_.-]{1,60$``}",
"maxLength": 60,
"minLength": 1,
"type": "string"
},
"ImageId": {
- "description": "The identifier of Amazon Machine Image (AMI) used for CEV.",
+ "description": "A value that indicates the ID of the AMI.",
"type": "string"
},
"KMSKeyId": {
- "description": "The AWS KMS key identifier for an encrypted CEV. A symmetric KMS key is required for RDS Custom, but optional for Amazon RDS.",
+ "description": "The AWS KMS key identifier for an encrypted CEV. A symmetric encryption KMS key is required for RDS Custom, but optional for Amazon RDS.\n If you have an existing symmetric encryption KMS key in your account, you can use it with RDS Custom. No further action is necessary. If you don't already have a symmetric encryption KMS key in your account, follow the instructions in [Creating a symmetric encryption KMS key](https://docs.aws.amazon.com/kms/latest/developerguide/create-keys.html#create-symmetric-cmk) in the *Key Management Service Developer Guide*.\n You can choose the same symmetric encryption key when you create a CEV and a DB instance, or choose different keys.",
"maxLength": 2048,
"minLength": 1,
"type": "string"
},
"Manifest": {
- "description": "The CEV manifest, which is a JSON document that describes the installation .zip files stored in Amazon S3. Specify the name/value pairs in a file or a quoted string. RDS Custom applies the patches in the order in which they are listed.",
+ "description": "The CEV manifest, which is a JSON document that describes the installation .zip files stored in Amazon S3. Specify the name/value pairs in a file or a quoted string. RDS Custom applies the patches in the order in which they are listed.\n The following JSON fields are valid:\n + MediaImportTemplateVersion Version of the CEV manifest. The date is in the format YYYY-MM-DD. + databaseInstallationFileNames Ordered list of installation files for the CEV. + opatchFileNames Ordered list of OPatch installers used for the Oracle DB engine. + psuRuPatchFileNames The PSU and RU patches for this CEV. + OtherPatchFileNames The patches that are not in the list of PSU and RU patches. Amazon RDS applies these patches after applying the PSU and RU patches. \n For more information, see [Creating the CEV manifest](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/custom-cev.html#custom-cev.preparing.manifest) in the *Amazon RDS User Guide*.",
"maxLength": 51000,
"minLength": 1,
"type": "string"
},
"SourceCustomDbEngineVersionIdentifier": {
- "description": "The identifier of the source custom engine version.",
+ "description": "The ARN of a CEV to use as a source for creating a new CEV. You can specify a different Amazon Machine Imagine (AMI) by using either ``Source`` or ``UseAwsProvidedLatestImage``. You can't specify a different JSON manifest when you specify ``SourceCustomDbEngineVersionIdentifier``.",
"type": "string"
},
"Status": {
"default": "available",
- "description": "The availability status to be assigned to the CEV.",
+ "description": "A value that indicates the status of a custom engine version (CEV).",
"enum": [
"available",
"inactive",
@@ -160,7 +160,7 @@
"type": "string"
},
"Tags": {
- "description": "An array of key-value pairs to apply to this resource.",
+ "description": "A list of tags. For more information, see [Tagging Amazon RDS Resources](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) in the *Amazon RDS User Guide.*",
"insertionOrder": false,
"items": {
"$ref": "#/definitions/Tag"
@@ -169,14 +169,14 @@
"uniqueItems": false
},
"UseAwsProvidedLatestImage": {
- "description": "A value that indicates whether AWS provided latest image is applied automatically to the Custom Engine Version. By default, AWS provided latest image is applied automatically. This value is only applied on create.",
+ "description": "Specifies whether to use the latest service-provided Amazon Machine Image (AMI) for the CEV. If you specify ``UseAwsProvidedLatestImage``, you can't also specify ``ImageId``.",
"type": "boolean"
}
},
"propertyTransform": {
"/properties/Engine": "$lowercase(Engine)",
"/properties/EngineVersion": "$lowercase(EngineVersion)",
- "/properties/KMSKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KMSKeyId])"
+ "/properties/KMSKeyId": "$join([\"arn:.+?:kms:.+?:.+?:key\\/\", KMSKeyId])"
},
"readOnlyProperties": [
"/properties/DBEngineVersionArn"
@@ -187,6 +187,14 @@
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git",
"tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "rds:AddTagsToResource",
+ "rds:RemoveTagsFromResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
"taggable": true
},
"typeName": "AWS::RDS::CustomDBEngineVersion",
diff --git a/schema/aws-rds-dbcluster.json b/schema/aws-rds-dbcluster.json
index c34277c..2bd3711 100644
--- a/schema/aws-rds-dbcluster.json
+++ b/schema/aws-rds-dbcluster.json
@@ -7,6 +7,7 @@
],
"createOnlyProperties": [
"/properties/AvailabilityZones",
+ "/properties/ClusterScalabilityType",
"/properties/DBClusterIdentifier",
"/properties/DBSubnetGroupName",
"/properties/DBSystemId",
@@ -122,15 +123,19 @@
"type": "number"
},
"MinCapacity": {
- "description": "The minimum number of Aurora capacity units (ACUs) for a DB instance in an Aurora Serverless v2 cluster. You can specify ACU values in half-step increments, such as 8, 8.5, 9, and so on. The smallest value that you can use is 0.5.",
+ "description": "The minimum number of Aurora capacity units (ACUs) for a DB instance in an Aurora Serverless v2 cluster. You can specify ACU values in half-step increments, such as 8, 8.5, 9, and so on. For Aurora versions that support the Aurora Serverless v2 auto-pause feature, the smallest value that you can use is 0. For versions that don't support Aurora Serverless v2 auto-pause, the smallest value that you can use is 0.5.",
"type": "number"
+ },
+ "SecondsUntilAutoPause": {
+ "description": "Specifies the number of seconds an Aurora Serverless v2 DB instance must be idle before Aurora attempts to automatically pause it. \n Specify a value between 300 seconds (five minutes) and 86,400 seconds (one day). The default is 300 seconds.",
+ "type": "integer"
}
},
"type": "object"
},
"Tag": {
"additionalProperties": false,
- "description": "Metadata assigned to an Amazon RDS resource consisting of a key-value pair.\n For more information, see [Tagging Amazon RDS Resources](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) in the *Amazon RDS User Guide* or [Tagging Amazon Aurora and Amazon RDS Resources](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Tagging.html) in the *Amazon Aurora User Guide*.",
+ "description": "Metadata assigned to an Amazon RDS resource consisting of a key-value pair.\n For more information, see [Tagging Amazon RDS resources](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) in the *Amazon RDS User Guide* or [Tagging Amazon Aurora and Amazon RDS resources](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Tagging.html) in the *Amazon Aurora User Guide*.",
"properties": {
"Key": {
"description": "A key is the required name of the tag. The string value can be from 1 to 128 Unicode characters in length and can't be prefixed with ``aws:`` or ``rds:``. The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\").",
@@ -151,7 +156,7 @@
"type": "object"
}
},
- "description": "The ``AWS::RDS::DBCluster`` resource creates an Amazon Aurora DB cluster or Multi-AZ DB cluster.\n For more information about creating an Aurora DB cluster, see [Creating an Amazon Aurora DB cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.CreateInstance.html) in the *Amazon Aurora User Guide*.\n For more information about creating a Multi-AZ DB cluster, see [Creating a Multi-AZ DB cluster](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/create-multi-az-db-cluster.html) in the *Amazon RDS User Guide*.\n You can only create this resource in AWS Regions where Amazon Aurora or Multi-AZ DB clusters are supported.\n *Updating DB clusters* \n When properties labeled \"*Update requires:* [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement)\" are updated, AWS CloudFormation first creates a replacement DB cluster, then changes references from other dependent resources to point to the replacement DB cluster, and finally deletes the old DB cluster.\n We highly recommend that you take a snapshot of the database before updating the stack. If you don't, you lose the data when AWS CloudFormation replaces your DB cluster. To preserve your data, perform the following procedure:\n 1. Deactivate any applications that are using the DB cluster so that there's no activity on the DB instance.\n 1. Create a snapshot of the DB cluster. For more information, see [Creating a DB Cluster Snapshot](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_CreateSnapshotCluster.html).\n 1. If you want to restore your DB cluster using a DB cluster snapshot, modify the updated template with your DB cluster changes and add the ``SnapshotIdentifier`` property with the ID of the DB cluster snapshot that you want to use.\n After you restore a DB cluster with a ``SnapshotIdentifier`` property, you must specify the same ``SnapshotIdentifier`` property for any future updates to the DB cluster. When you specify this property for an update, the DB cluster is not restored from the DB cluster snapshot again, and the data in the database is not changed. However, if you don't specify the ``SnapshotIdentifier`` property, an empty DB cluster is created, and the original DB cluster is deleted. If you specify a property that is different from the previous snapshot restore property, a new DB cluster is restored from the specified ``SnapshotIdentifier`` property, and the original DB cluster is deleted.\n 1. Update the stack.\n \n Currently, when you are updating the stack for an Aurora Serverless DB cluster, you can't include changes to any other properties when you specify one of the following properties: ``PreferredBackupWindow``, ``PreferredMaintenanceWindow``, and ``Port``. This limitation doesn't apply to provisioned DB clusters.\n For more information about updating other properties of this resource, see ``ModifyDBCluster``. For more information about updating stacks, see [CloudFormation Stacks Updates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks.html).\n *Deleting DB clusters* \n The default ``DeletionPolicy`` for ``AWS::RDS::DBCluster`` resources is ``Snapshot``. For more information about how AWS CloudFormation deletes resources, see [DeletionPolicy Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html).",
+ "description": "The ``AWS::RDS::DBCluster`` resource creates an Amazon Aurora DB cluster or Multi-AZ DB cluster.\n For more information about creating an Aurora DB cluster, see [Creating an Amazon Aurora DB cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.CreateInstance.html) in the *Amazon Aurora User Guide*.\n For more information about creating a Multi-AZ DB cluster, see [Creating a Multi-AZ DB cluster](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/create-multi-az-db-cluster.html) in the *Amazon RDS User Guide*.\n You can only create this resource in AWS Regions where Amazon Aurora or Multi-AZ DB clusters are supported.\n *Updating DB clusters* \n When properties labeled \"*Update requires:* [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement)\" are updated, AWS CloudFormation first creates a replacement DB cluster, then changes references from other dependent resources to point to the replacement DB cluster, and finally deletes the old DB cluster.\n We highly recommend that you take a snapshot of the database before updating the stack. If you don't, you lose the data when AWS CloudFormation replaces your DB cluster. To preserve your data, perform the following procedure:\n 1. Deactivate any applications that are using the DB cluster so that there's no activity on the DB instance.\n 1. Create a snapshot of the DB cluster. For more information, see [Creating a DB cluster snapshot](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_CreateSnapshotCluster.html).\n 1. If you want to restore your DB cluster using a DB cluster snapshot, modify the updated template with your DB cluster changes and add the ``SnapshotIdentifier`` property with the ID of the DB cluster snapshot that you want to use.\n After you restore a DB cluster with a ``SnapshotIdentifier`` property, you must specify the same ``SnapshotIdentifier`` property for any future updates to the DB cluster. When you specify this property for an update, the DB cluster is not restored from the DB cluster snapshot again, and the data in the database is not changed. However, if you don't specify the ``SnapshotIdentifier`` property, an empty DB cluster is created, and the original DB cluster is deleted. If you specify a property that is different from the previous snapshot restore property, a new DB cluster is restored from the specified ``SnapshotIdentifier`` property, and the original DB cluster is deleted.\n 1. Update the stack.\n \n Currently, when you are updating the stack for an Aurora Serverless DB cluster, you can't include changes to any other properties when you specify one of the following properties: ``PreferredBackupWindow``, ``PreferredMaintenanceWindow``, and ``Port``. This limitation doesn't apply to provisioned DB clusters.\n For more information about updating other properties of this resource, see ``ModifyDBCluster``. For more information about updating stacks, see [CloudFormation Stacks Updates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks.html).\n *Deleting DB clusters* \n The default ``DeletionPolicy`` for ``AWS::RDS::DBCluster`` resources is ``Snapshot``. For more information about how AWS CloudFormation deletes resources, see [DeletionPolicy Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html).",
"handlers": {
"create": {
"permissions": [
@@ -235,7 +240,7 @@
"uniqueItems": true
},
"AutoMinorVersionUpgrade": {
- "description": "Specifies whether minor engine upgrades are applied automatically to the DB cluster during the maintenance window. By default, minor engine upgrades are applied automatically.\n Valid for Cluster Type: Multi-AZ DB clusters only",
+ "description": "Specifies whether minor engine upgrades are applied automatically to the DB cluster during the maintenance window. By default, minor engine upgrades are applied automatically.\n Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB cluster",
"type": "boolean"
},
"AvailabilityZones": {
@@ -247,7 +252,7 @@
"uniqueItems": true
},
"BacktrackWindow": {
- "description": "The target backtrack window, in seconds. To disable backtracking, set this value to 0. \n Currently, Backtrack is only supported for Aurora MySQL DB clusters.\n Default: 0\n Constraints:\n + If specified, this value must be set to a number from 0 to 259,200 (72 hours).\n \n Valid for: Aurora MySQL DB clusters only",
+ "description": "The target backtrack window, in seconds. To disable backtracking, set this value to ``0``.\n Valid for Cluster Type: Aurora MySQL DB clusters only\n Default: ``0`` \n Constraints:\n + If specified, this value must be set to a number from 0 to 259,200 (72 hours).",
"minimum": 0,
"type": "integer"
},
@@ -257,6 +262,10 @@
"minimum": 1,
"type": "integer"
},
+ "ClusterScalabilityType": {
+ "description": "Specifies the scalability mode of the Aurora DB cluster. When set to ``limitless``, the cluster operates as an Aurora Limitless Database, allowing you to create a DB shard group for horizontal scaling (sharding) capabilities. When set to ``standard`` (the default), the cluster uses normal DB instance creation.",
+ "type": "string"
+ },
"CopyTagsToSnapshot": {
"description": "A value that indicates whether to copy all tags from the DB cluster to snapshots of the DB cluster. The default is not to copy them.\n Valid for: Aurora DB clusters and Multi-AZ DB clusters",
"type": "boolean"
@@ -277,7 +286,6 @@
"type": "string"
},
"DBClusterParameterGroupName": {
- "default": "default.aurora5.6",
"description": "The name of the DB cluster parameter group to associate with this DB cluster.\n If you apply a parameter group to an existing DB cluster, then its DB instances might need to reboot. This can result in an outage while the DB instances are rebooting.\n If you apply a change to parameter group associated with a stopped DB cluster, then the update stack waits until the DB cluster is started.\n To list all of the available DB cluster parameter group names, use the following command:\n ``aws rds describe-db-cluster-parameter-groups --query \"DBClusterParameterGroups[].DBClusterParameterGroupName\" --output text`` \n Valid for: Aurora DB clusters and Multi-AZ DB clusters",
"type": "string"
},
@@ -297,6 +305,10 @@
"description": "Reserved for future use.",
"type": "string"
},
+ "DatabaseInsightsMode": {
+ "description": "The mode of Database Insights to enable for the DB cluster.\n If you set this value to ``advanced``, you must also set the ``PerformanceInsightsEnabled`` parameter to ``true`` and the ``PerformanceInsightsRetentionPeriod`` parameter to 465.\n Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters",
+ "type": "string"
+ },
"DatabaseName": {
"description": "The name of your database. If you don't provide a name, then Amazon RDS won't create a database in this DB cluster. For naming constraints, see [Naming Constraints](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/CHAP_Limits.html#RDS_Limits.Constraints) in the *Amazon Aurora User Guide*. \n Valid for: Aurora DB clusters and Multi-AZ DB clusters",
"type": "string"
@@ -326,7 +338,7 @@
"type": "boolean"
},
"EnableHttpEndpoint": {
- "description": "Specifies whether to enable the HTTP endpoint for the DB cluster. By default, the HTTP endpoint isn't enabled.\n When enabled, the HTTP endpoint provides a connectionless web service API (RDS Data API) for running SQL queries on the DB cluster. You can also query your database from inside the RDS console with the RDS query editor.\n RDS Data API is supported with the following DB clusters:\n + Aurora PostgreSQL Serverless v2 and provisioned\n + Aurora PostgreSQL and Aurora MySQL Serverless v1\n \n For more information, see [Using RDS Data API](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/data-api.html) in the *Amazon Aurora User Guide*.\n Valid for Cluster Type: Aurora DB clusters only",
+ "description": "Specifies whether to enable the HTTP endpoint for the DB cluster. By default, the HTTP endpoint isn't enabled.\n When enabled, the HTTP endpoint provides a connectionless web service API (RDS Data API) for running SQL queries on the DB cluster. You can also query your database from inside the RDS console with the RDS query editor.\n For more information, see [Using RDS Data API](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/data-api.html) in the *Amazon Aurora User Guide*.\n Valid for Cluster Type: Aurora DB clusters only",
"type": "boolean"
},
"EnableIAMDatabaseAuthentication": {
@@ -346,7 +358,7 @@
"type": "string"
},
"EngineLifecycleSupport": {
- "description": "The life cycle type for this DB cluster.\n By default, this value is set to ``open-source-rds-extended-support``, which enrolls your DB cluster into Amazon RDS Extended Support. At the end of standard support, you can avoid charges for Extended Support by setting the value to ``open-source-rds-extended-support-disabled``. In this case, creating the DB cluster will fail if the DB major version is past its end of standard support date.\n You can use this setting to enroll your DB cluster into Amazon RDS Extended Support. With RDS Extended Support, you can run the selected major engine version on your DB cluster past the end of standard support for that engine version. For more information, see the following sections:\n + Amazon Aurora (PostgreSQL only) - [Using Amazon RDS Extended Support](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/extended-support.html) in the *Amazon Aurora User Guide* \n + Amazon RDS - [Using Amazon RDS Extended Support](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/extended-support.html) in the *Amazon RDS User Guide* \n \n Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n Valid Values: ``open-source-rds-extended-support | open-source-rds-extended-support-disabled`` \n Default: ``open-source-rds-extended-support``",
+ "description": "The life cycle type for this DB cluster.\n By default, this value is set to ``open-source-rds-extended-support``, which enrolls your DB cluster into Amazon RDS Extended Support. At the end of standard support, you can avoid charges for Extended Support by setting the value to ``open-source-rds-extended-support-disabled``. In this case, creating the DB cluster will fail if the DB major version is past its end of standard support date.\n You can use this setting to enroll your DB cluster into Amazon RDS Extended Support. With RDS Extended Support, you can run the selected major engine version on your DB cluster past the end of standard support for that engine version. For more information, see the following sections:\n + Amazon Aurora - [Using Amazon RDS Extended Support](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/extended-support.html) in the *Amazon Aurora User Guide* \n + Amazon RDS - [Using Amazon RDS Extended Support](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/extended-support.html) in the *Amazon RDS User Guide* \n \n Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n Valid Values: ``open-source-rds-extended-support | open-source-rds-extended-support-disabled`` \n Default: ``open-source-rds-extended-support``",
"type": "string"
},
"EngineMode": {
@@ -382,7 +394,7 @@
},
"MasterUserSecret": {
"$ref": "#/definitions/MasterUserSecret",
- "description": "The secret managed by RDS in AWS Secrets Manager for the master user password.\n For more information, see [Password management with Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide* and [Password management with Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html) in the *Amazon Aurora User Guide.*"
+ "description": "The secret managed by RDS in AWS Secrets Manager for the master user password.\n When you restore a DB cluster from a snapshot, Amazon RDS generates a new secret instead of reusing the secret specified in the ``SecretArn`` property. This ensures that the restored DB cluster is securely managed with a dedicated secret. To maintain consistent integration with your application, you might need to update resource configurations to reference the newly created secret.\n For more information, see [Password management with Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide* and [Password management with Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html) in the *Amazon Aurora User Guide.*"
},
"MasterUsername": {
"description": "The name of the master user for the DB cluster.\n If you specify the ``SourceDBClusterIdentifier``, ``SnapshotIdentifier``, or ``GlobalClusterIdentifier`` property, don't specify this property. The value is inherited from the source DB cluster, the snapshot, or the primary DB cluster for the global database cluster, respectively.\n Valid for: Aurora DB clusters and Multi-AZ DB clusters",
@@ -391,12 +403,11 @@
"type": "string"
},
"MonitoringInterval": {
- "default": 0,
- "description": "The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB cluster. To turn off collecting Enhanced Monitoring metrics, specify ``0``.\n If ``MonitoringRoleArn`` is specified, also set ``MonitoringInterval`` to a value other than ``0``.\n Valid for Cluster Type: Multi-AZ DB clusters only\n Valid Values: ``0 | 1 | 5 | 10 | 15 | 30 | 60`` \n Default: ``0``",
+ "description": "The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB cluster. To turn off collecting Enhanced Monitoring metrics, specify ``0``.\n If ``MonitoringRoleArn`` is specified, also set ``MonitoringInterval`` to a value other than ``0``.\n Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n Valid Values: ``0 | 1 | 5 | 10 | 15 | 30 | 60`` \n Default: ``0``",
"type": "integer"
},
"MonitoringRoleArn": {
- "description": "The Amazon Resource Name (ARN) for the IAM role that permits RDS to send Enhanced Monitoring metrics to Amazon CloudWatch Logs. An example is ``arn:aws:iam:123456789012:role/emaccess``. For information on creating a monitoring role, see [Setting up and enabling Enhanced Monitoring](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.OS.html#USER_Monitoring.OS.Enabling) in the *Amazon RDS User Guide*.\n If ``MonitoringInterval`` is set to a value other than ``0``, supply a ``MonitoringRoleArn`` value.\n Valid for Cluster Type: Multi-AZ DB clusters only",
+ "description": "The Amazon Resource Name (ARN) for the IAM role that permits RDS to send Enhanced Monitoring metrics to Amazon CloudWatch Logs. An example is ``arn:aws:iam:123456789012:role/emaccess``. For information on creating a monitoring role, see [Setting up and enabling Enhanced Monitoring](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.OS.html#USER_Monitoring.OS.Enabling) in the *Amazon RDS User Guide*.\n If ``MonitoringInterval`` is set to a value other than ``0``, supply a ``MonitoringRoleArn`` value.\n Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters",
"type": "string"
},
"NetworkType": {
@@ -404,15 +415,15 @@
"type": "string"
},
"PerformanceInsightsEnabled": {
- "description": "Specifies whether to turn on Performance Insights for the DB cluster.\n For more information, see [Using Amazon Performance Insights](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.html) in the *Amazon RDS User Guide*.\n Valid for Cluster Type: Multi-AZ DB clusters only",
+ "description": "Specifies whether to turn on Performance Insights for the DB cluster.\n For more information, see [Using Amazon Performance Insights](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.html) in the *Amazon RDS User Guide*.\n Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters",
"type": "boolean"
},
"PerformanceInsightsKmsKeyId": {
- "description": "The AWS KMS key identifier for encryption of Performance Insights data.\n The AWS KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.\n If you don't specify a value for ``PerformanceInsightsKMSKeyId``, then Amazon RDS uses your default KMS key. There is a default KMS key for your AWS-account. Your AWS-account has a different default KMS key for each AWS-Region.\n Valid for Cluster Type: Multi-AZ DB clusters only",
+ "description": "The AWS KMS key identifier for encryption of Performance Insights data.\n The AWS KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.\n If you don't specify a value for ``PerformanceInsightsKMSKeyId``, then Amazon RDS uses your default KMS key. There is a default KMS key for your AWS-account. Your AWS-account has a different default KMS key for each AWS-Region.\n Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters",
"type": "string"
},
"PerformanceInsightsRetentionPeriod": {
- "description": "The number of days to retain Performance Insights data.\n Valid for Cluster Type: Multi-AZ DB clusters only\n Valid Values:\n + ``7`` \n + *month* * 31, where *month* is a number of months from 1-23. Examples: ``93`` (3 months * 31), ``341`` (11 months * 31), ``589`` (19 months * 31)\n + ``731`` \n \n Default: ``7`` days\n If you specify a retention period that isn't valid, such as ``94``, Amazon RDS issues an error.",
+ "description": "The number of days to retain Performance Insights data. When creating a DB cluster without enabling Performance Insights, you can't specify the parameter ``PerformanceInsightsRetentionPeriod``.\n Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters\n Valid Values:\n + ``7`` \n + *month* * 31, where *month* is a number of months from 1-23. Examples: ``93`` (3 months * 31), ``341`` (11 months * 31), ``589`` (19 months * 31)\n + ``731`` \n \n Default: ``7`` days\n If you specify a retention period that isn't valid, such as ``94``, Amazon RDS issues an error.",
"type": "integer"
},
"Port": {
@@ -424,7 +435,7 @@
"type": "string"
},
"PreferredMaintenanceWindow": {
- "description": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n Format: ``ddd:hh24:mi-ddd:hh24:mi`` \n The default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week. To see the time blocks available, see [Adjusting the Preferred DB Cluster Maintenance Window](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow.Aurora) in the *Amazon Aurora User Guide.* \n Valid Days: Mon, Tue, Wed, Thu, Fri, Sat, Sun.\n Constraints: Minimum 30-minute window.\n Valid for: Aurora DB clusters and Multi-AZ DB clusters",
+ "description": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n Format: ``ddd:hh24:mi-ddd:hh24:mi`` \n The default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week. To see the time blocks available, see [Maintaining an Amazon Aurora DB cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow.Aurora) in the *Amazon Aurora User Guide.* \n Valid Days: Mon, Tue, Wed, Thu, Fri, Sat, Sun.\n Constraints: Minimum 30-minute window.\n Valid for: Aurora DB clusters and Multi-AZ DB clusters",
"type": "string"
},
"PubliclyAccessible": {
@@ -433,7 +444,7 @@
},
"ReadEndpoint": {
"$ref": "#/definitions/ReadEndpoint",
- "description": "This data type represents the information you need to connect to an Amazon RDS DB instance. This data type is used as a response element in the following actions:\n + ``CreateDBInstance`` \n + ``DescribeDBInstances`` \n + ``DeleteDBInstance`` \n \n For the data structure that represents Amazon Aurora DB cluster endpoints, see ``DBClusterEndpoint``."
+ "description": ""
},
"ReplicationSourceIdentifier": {
"description": "The Amazon Resource Name (ARN) of the source DB instance or DB cluster if this DB cluster is created as a read replica.\n Valid for: Aurora DB clusters only",
@@ -444,8 +455,7 @@
"type": "string"
},
"RestoreType": {
- "default": "full-copy",
- "description": "The type of restore to be performed. You can specify one of the following values:\n + ``full-copy`` - The new DB cluster is restored as a full copy of the source DB cluster.\n + ``copy-on-write`` - The new DB cluster is restored as a clone of the source DB cluster.\n \n If you don't specify a ``RestoreType`` value, then the new DB cluster is restored as a full copy of the source DB cluster.\n Valid for: Aurora DB clusters and Multi-AZ DB clusters",
+ "description": "The type of restore to be performed. You can specify one of the following values:\n + ``full-copy`` - The new DB cluster is restored as a full copy of the source DB cluster.\n + ``copy-on-write`` - The new DB cluster is restored as a clone of the source DB cluster.\n \n If you don't specify a ``RestoreType`` value, then the new DB cluster is restored as a full copy of the source DB cluster.\n Valid for: Aurora DB clusters and Multi-AZ DB clusters",
"type": "string"
},
"ScalingConfiguration": {
@@ -481,7 +491,7 @@
"type": "string"
},
"Tags": {
- "description": "An optional array of key-value pairs to apply to this DB cluster.\n Valid for: Aurora DB clusters and Multi-AZ DB clusters",
+ "description": "Tags to assign to the DB cluster.\n Valid for Cluster Type: Aurora DB clusters and Multi-AZ DB clusters",
"insertionOrder": false,
"items": {
"$ref": "#/definitions/Tag"
@@ -507,13 +517,13 @@
"/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)",
"/properties/DBClusterParameterGroupName": "$lowercase(DBClusterParameterGroupName)",
"/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)",
- "/properties/EnableHttpEndpoint": "$lowercase($string(EngineMode)) = 'serverless' ? EnableHttpEndpoint : ($lowercase($string(Engine)) = 'aurora-postgresql' ? EnableHttpEndpoint : false )",
+ "/properties/EnableHttpEndpoint": "$lowercase($string(EngineMode)) = 'serverless' ? EnableHttpEndpoint : ($lowercase($string(Engine)) in ['aurora-postgresql', 'aurora-mysql'] ? EnableHttpEndpoint : false )",
"/properties/Engine": "$lowercase(Engine)",
"/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])",
- "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])",
- "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])",
+ "/properties/KmsKeyId": "$join([\"arn:.+?:kms:.+?:.+?:key\\/\", KmsKeyId])",
+ "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:.+?:kms:.+?:.+?:key\\/\", MasterUserSecret.KmsKeyId])",
"/properties/NetworkType": "$lowercase(NetworkType)",
- "/properties/PerformanceInsightsKmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKmsKeyId])",
+ "/properties/PerformanceInsightsKmsKeyId": "$join([\"arn:.+?:kms:.+?:.+?:key\\/\", PerformanceInsightsKmsKeyId])",
"/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)",
"/properties/SnapshotIdentifier": "$lowercase(SnapshotIdentifier)",
"/properties/SourceDBClusterIdentifier": "$lowercase(SourceDBClusterIdentifier)",
@@ -525,6 +535,7 @@
"/properties/Endpoint",
"/properties/Endpoint/Address",
"/properties/Endpoint/Port",
+ "/properties/ReadEndpoint",
"/properties/ReadEndpoint/Address",
"/properties/MasterUserSecret/SecretArn",
"/properties/StorageThroughput"
@@ -543,6 +554,7 @@
},
"typeName": "AWS::RDS::DBCluster",
"writeOnlyProperties": [
+ "/properties/ClusterScalabilityType",
"/properties/DBInstanceParameterGroupName",
"/properties/MasterUserPassword",
"/properties/RestoreToTime",
diff --git a/schema/aws-rds-dbclusterparametergroup.json b/schema/aws-rds-dbclusterparametergroup.json
index 40031ca..75cefe8 100644
--- a/schema/aws-rds-dbclusterparametergroup.json
+++ b/schema/aws-rds-dbclusterparametergroup.json
@@ -8,7 +8,7 @@
"definitions": {
"Tag": {
"additionalProperties": false,
- "description": "Metadata assigned to an Amazon RDS resource consisting of a key-value pair.\n For more information, see [Tagging Amazon RDS Resources](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) in the *Amazon RDS User Guide* or [Tagging Amazon Aurora and Amazon RDS Resources](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Tagging.html) in the *Amazon Aurora User Guide*.",
+ "description": "Metadata assigned to an Amazon RDS resource consisting of a key-value pair.\n For more information, see [Tagging Amazon RDS resources](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) in the *Amazon RDS User Guide* or [Tagging Amazon Aurora and Amazon RDS resources](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Tagging.html) in the *Amazon Aurora User Guide*.",
"properties": {
"Key": {
"description": "A key is the required name of the tag. The string value can be from 1 to 128 Unicode characters in length and can't be prefixed with ``aws:`` or ``rds:``. The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\").",
@@ -29,7 +29,7 @@
"type": "object"
}
},
- "description": "The ``AWS::RDS::DBClusterParameterGroup`` resource creates a new Amazon RDS DB cluster parameter group.\n For information about configuring parameters for Amazon Aurora DB clusters, see [Working with parameter groups](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_WorkingWithParamGroups.html) in the *Amazon Aurora User Guide*.\n If you apply a parameter group to a DB cluster, then its DB instances might need to reboot. This can result in an outage while the DB instances are rebooting.\n If you apply a change to parameter group associated with a stopped DB cluster, then the update stack waits until the DB cluster is started.",
+ "description": "The ``AWS::RDS::DBClusterParameterGroup`` resource creates a new Amazon RDS DB cluster parameter group.\n For information about configuring parameters for Amazon Aurora DB clusters, see [Working with parameter groups](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_WorkingWithParamGroups.html) in the *Amazon Aurora User Guide*.\n If you apply a parameter group to a DB cluster, then its DB instances might need to reboot. This can result in an outage while the DB instances are rebooting.\n If you apply a change to parameter group associated with a stopped DB cluster, then the updated stack waits until the DB cluster is started.",
"handlers": {
"create": {
"permissions": [
@@ -84,16 +84,16 @@
],
"properties": {
"DBClusterParameterGroupName": {
- "description": "The name of the DB cluster parameter group.\n Constraints:\n + Must not match the name of an existing DB cluster parameter group.\n \n If you don't specify a value for ``DBClusterParameterGroupName`` property, a name is automatically created for the DB cluster parameter group.\n This value is stored as a lowercase string.",
+ "description": "The name of the DB cluster parameter group.\n Constraints:\n + Must not match the name of an existing DB cluster parameter group.\n \n This value is stored as a lowercase string.",
"pattern": "^[a-zA-Z]{1}(?:-?[a-zA-Z0-9])*$",
"type": "string"
},
"Description": {
- "description": "A friendly description for this DB cluster parameter group.",
+ "description": "The description for the DB cluster parameter group.",
"type": "string"
},
"Family": {
- "description": "The DB cluster parameter group family name. A DB cluster parameter group can be associated with one and only one DB cluster parameter group family, and can be applied only to a DB cluster running a DB engine and engine version compatible with that DB cluster parameter group family.\n The DB cluster parameter group family can't be changed when updating a DB cluster parameter group.\n To list all of the available parameter group families, use the following command:\n ``aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\"`` \n The output contains duplicates.\n For more information, see ``CreateDBClusterParameterGroup``.",
+ "description": "The DB cluster parameter group family name. A DB cluster parameter group can be associated with one and only one DB cluster parameter group family, and can be applied only to a DB cluster running a database engine and engine version compatible with that DB cluster parameter group family.\n *Aurora MySQL* \n Example: ``aurora-mysql5.7``, ``aurora-mysql8.0`` \n *Aurora PostgreSQL* \n Example: ``aurora-postgresql14`` \n *RDS for MySQL* \n Example: ``mysql8.0`` \n *RDS for PostgreSQL* \n Example: ``postgres13`` \n To list all of the available parameter group families for a DB engine, use the following command:\n ``aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine `` \n For example, to list all of the available parameter group families for the Aurora PostgreSQL DB engine, use the following command:\n ``aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine aurora-postgresql`` \n The output contains duplicates.\n The following are the valid DB engine values:\n + ``aurora-mysql`` \n + ``aurora-postgresql`` \n + ``mysql`` \n + ``postgres``",
"type": "string"
},
"Parameters": {
@@ -101,7 +101,7 @@
"type": "object"
},
"Tags": {
- "description": "An optional array of key-value pairs to apply to this DB cluster parameter group.",
+ "description": "Tags to assign to the DB cluster parameter group.",
"insertionOrder": false,
"items": {
"$ref": "#/definitions/Tag"
@@ -119,5 +119,16 @@
"Parameters"
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-rds",
+ "tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "rds:AddTagsToResource",
+ "rds:RemoveTagsFromResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
"typeName": "AWS::RDS::DBClusterParameterGroup"
}
diff --git a/schema/aws-rds-dbinstance.json b/schema/aws-rds-dbinstance.json
index 28c2cf1..005e539 100644
--- a/schema/aws-rds-dbinstance.json
+++ b/schema/aws-rds-dbinstance.json
@@ -26,10 +26,10 @@
"/properties/DBInstanceIdentifier",
"/properties/DBName",
"/properties/DBSubnetGroupName",
+ "/properties/DBSystemId",
"/properties/KmsKeyId",
"/properties/MasterUsername",
"/properties/NcharCharacterSetName",
- "/properties/Port",
"/properties/SourceRegion",
"/properties/StorageEncrypted",
"/properties/Timezone"
@@ -125,7 +125,7 @@
},
"Tag": {
"additionalProperties": false,
- "description": "Metadata assigned to an Amazon RDS resource consisting of a key-value pair.\n For more information, see [Tagging Amazon RDS Resources](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) in the *Amazon RDS User Guide* or [Tagging Amazon Aurora and Amazon RDS Resources](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Tagging.html) in the *Amazon Aurora User Guide*.",
+ "description": "Metadata assigned to an Amazon RDS resource consisting of a key-value pair.\n For more information, see [Tagging Amazon RDS resources](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) in the *Amazon RDS User Guide* or [Tagging Amazon Aurora and Amazon RDS resources](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Tagging.html) in the *Amazon Aurora User Guide*.",
"properties": {
"Key": {
"description": "A key is the required name of the tag. The string value can be from 1 to 128 Unicode characters in length and can't be prefixed with ``aws:`` or ``rds:``. The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\").",
@@ -150,7 +150,7 @@
"/properties/TdeCredentialArn",
"/properties/TdeCredentialPassword"
],
- "description": "The ``AWS::RDS::DBInstance`` resource creates an Amazon DB instance. The new DB instance can be an RDS DB instance, or it can be a DB instance in an Aurora DB cluster.\n For more information about creating an RDS DB instance, see [Creating an Amazon RDS DB instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_CreateDBInstance.html) in the *Amazon RDS User Guide*.\n For more information about creating a DB instance in an Aurora DB cluster, see [Creating an Amazon Aurora DB cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.CreateInstance.html) in the *Amazon Aurora User Guide*.\n If you import an existing DB instance, and the template configuration doesn't match the actual configuration of the DB instance, AWS CloudFormation applies the changes in the template during the import operation.\n If a DB instance is deleted or replaced during an update, AWS CloudFormation deletes all automated snapshots. However, it retains manual DB snapshots. During an update that requires replacement, you can apply a stack policy to prevent DB instances from being replaced. For more information, see [Prevent Updates to Stack Resources](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/protect-stack-resources.html).\n *Updating DB instances* \n When properties labeled \"*Update requires:* [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement)\" are updated, AWS CloudFormation first creates a replacement DB instance, then changes references from other dependent resources to point to the replacement DB instance, and finally deletes the old DB instance.\n We highly recommend that you take a snapshot of the database before updating the stack. If you don't, you lose the data when AWS CloudFormation replaces your DB instance. To preserve your data, perform the following procedure:\n 1. Deactivate any applications that are using the DB instance so that there's no activity on the DB instance.\n 1. Create a snapshot of the DB instance. For more information, see [Creating a DB Snapshot](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_CreateSnapshot.html).\n 1. If you want to restore your instance using a DB snapshot, modify the updated template with your DB instance changes and add the ``DBSnapshotIdentifier`` property with the ID of the DB snapshot that you want to use.\n After you restore a DB instance with a ``DBSnapshotIdentifier`` property, you can delete the ``DBSnapshotIdentifier`` property. When you specify this property for an update, the DB instance is not restored from the DB snapshot again, and the data in the database is not changed. However, if you don't specify the ``DBSnapshotIdentifier`` property, an empty DB instance is created, and the original DB instance is deleted. If you specify a property that is different from the previous snapshot restore property, a new DB instance is restored from the specified ``DBSnapshotIdentifier`` property, and the original DB instance is deleted.\n 1. Update the stack.\n \n For more information about updating other properties of this resource, see ``ModifyDBInstance``. For more information about updating stacks, see [CloudFormation Stacks Updates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks.html).\n *Deleting DB instances* \n For DB instances that are part of an Aurora DB cluster, you can set a deletion policy for your DB instance to control how AWS CloudFormation handles the DB instance when the stack is deleted. For Amazon RDS DB instances, you can choose to *retain* the DB instance, to *delete* the DB instance, or to *create a snapshot* of the DB instance. The default AWS CloudFormation behavior depends on the ``DBClusterIdentifier`` property:\n 1. For ``AWS::RDS::DBInstance`` resources that don't specify the ``DBClusterIdentifier`` property, AWS CloudFormation saves a snapshot of the DB instance.\n 1. For ``AWS::RDS::DBInstance`` resources that do specify the ``DBClusterIdentifier`` property, AWS CloudFormation deletes the DB instance.\n \n For more information, see [DeletionPolicy Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html).",
+ "description": "The ``AWS::RDS::DBInstance`` resource creates an Amazon DB instance. The new DB instance can be an RDS DB instance, or it can be a DB instance in an Aurora DB cluster.\n For more information about creating an RDS DB instance, see [Creating an Amazon RDS DB instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_CreateDBInstance.html) in the *Amazon RDS User Guide*.\n For more information about creating a DB instance in an Aurora DB cluster, see [Creating an Amazon Aurora DB cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.CreateInstance.html) in the *Amazon Aurora User Guide*.\n If you import an existing DB instance, and the template configuration doesn't match the actual configuration of the DB instance, AWS CloudFormation applies the changes in the template during the import operation.\n If a DB instance is deleted or replaced during an update, AWS CloudFormation deletes all automated snapshots. However, it retains manual DB snapshots. During an update that requires replacement, you can apply a stack policy to prevent DB instances from being replaced. For more information, see [Prevent Updates to Stack Resources](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/protect-stack-resources.html).\n *Updating DB instances* \n When properties labeled \"*Update requires:* [Replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement)\" are updated, AWS CloudFormation first creates a replacement DB instance, then changes references from other dependent resources to point to the replacement DB instance, and finally deletes the old DB instance.\n We highly recommend that you take a snapshot of the database before updating the stack. If you don't, you lose the data when AWS CloudFormation replaces your DB instance. To preserve your data, perform the following procedure:\n 1. Deactivate any applications that are using the DB instance so that there's no activity on the DB instance.\n 1. Create a snapshot of the DB instance. For more information, see [Creating a DB Snapshot](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_CreateSnapshot.html).\n 1. If you want to restore your instance using a DB snapshot, modify the updated template with your DB instance changes and add the ``DBSnapshotIdentifier`` property with the ID of the DB snapshot that you want to use.\n After you restore a DB instance with a ``DBSnapshotIdentifier`` property, you can delete the ``DBSnapshotIdentifier`` property. When you specify this property for an update, the DB instance is not restored from the DB snapshot again, and the data in the database is not changed. However, if you don't specify the ``DBSnapshotIdentifier`` property, an empty DB instance is created, and the original DB instance is deleted. If you specify a property that is different from the previous snapshot restore property, a new DB instance is restored from the specified ``DBSnapshotIdentifier`` property, and the original DB instance is deleted.\n 1. Update the stack.\n \n For more information about updating other properties of this resource, see ``ModifyDBInstance``. For more information about updating stacks, see [CloudFormation Stacks Updates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks.html).\n *Deleting DB instances* \n For DB instances that are part of an Aurora DB cluster, you can set a deletion policy for your DB instance to control how AWS CloudFormation handles the DB instance when the stack is deleted. For Amazon RDS DB instances, you can choose to *retain* the DB instance, to *delete* the DB instance, or to *create a snapshot* of the DB instance. The default AWS CloudFormation behavior depends on the ``DBClusterIdentifier`` property:\n 1. For ``AWS::RDS::DBInstance`` resources that don't specify the ``DBClusterIdentifier`` property, AWS CloudFormation saves a snapshot of the DB instance.\n 1. For ``AWS::RDS::DBInstance`` resources that do specify the ``DBClusterIdentifier`` property, AWS CloudFormation deletes the DB instance.\n \n For more information, see [DeletionPolicy Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html).",
"handlers": {
"create": {
"permissions": [
@@ -234,6 +234,7 @@
"rds:DescribeDBEngineVersions",
"rds:DescribeDBInstances",
"rds:DescribeDBParameterGroups",
+ "rds:DescribeDBInstanceAutomatedBackups",
"rds:DescribeEvents",
"rds:ModifyDBInstance",
"rds:PromoteReadReplica",
@@ -261,6 +262,10 @@
"description": "A value that indicates whether major version upgrades are allowed. Changing this parameter doesn't result in an outage and the change is asynchronously applied as soon as possible.\n Constraints: Major version upgrades must be allowed when specifying a value for the ``EngineVersion`` parameter that is a different major version than the DB instance's current version.",
"type": "boolean"
},
+ "ApplyImmediately": {
+ "description": "Specifies whether changes to the DB instance and any pending modifications are applied immediately, regardless of the ``PreferredMaintenanceWindow`` setting. If set to ``false``, changes are applied during the next maintenance window. Until RDS applies the changes, the DB instance remains in a drift state. As a result, the configuration doesn't fully reflect the requested modifications and temporarily diverges from the intended state.\n In addition to the settings described in [Modifying a DB instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.DBInstance.Modifying.html), this property also determines whether the DB instance reboots when a static parameter is modified in the associated DB parameter group.\n Default: ``true``",
+ "type": "boolean"
+ },
"AssociatedRoles": {
"description": "The IAMlong (IAM) roles associated with the DB instance. \n *Amazon Aurora* \n Not applicable. The associated roles are managed by the DB cluster.",
"items": {
@@ -277,15 +282,19 @@
"type": "string"
},
"AutomaticBackupReplicationRegion": {
- "description": "",
+ "description": "The AWS-Region associated with the automated backup.",
"type": "string"
},
+ "AutomaticBackupReplicationRetentionPeriod": {
+ "description": "The retention period for automated backups in a different AWS Region. Use this parameter to set a unique retention period that only applies to cross-Region automated backups. To enable automated backups in a different Region, specify a positive value for the ``AutomaticBackupReplicationRegion`` parameter. \n If not specified, this parameter defaults to the value of the ``BackupRetentionPeriod`` parameter. The maximum allowed value is 35.",
+ "minimum": 1,
+ "type": "integer"
+ },
"AvailabilityZone": {
"description": "The Availability Zone (AZ) where the database will be created. For information on AWS-Regions and Availability Zones, see [Regions and Availability Zones](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html).\n For Amazon Aurora, each Aurora DB cluster hosts copies of its storage in three separate Availability Zones. Specify one of these Availability Zones. Aurora automatically chooses an appropriate Availability Zone if you don't specify one.\n Default: A random, system-chosen Availability Zone in the endpoint's AWS-Region.\n Constraints:\n + The ``AvailabilityZone`` parameter can't be specified if the DB instance is a Multi-AZ deployment.\n + The specified Availability Zone must be in the same AWS-Region as the current endpoint.\n \n Example: ``us-east-1d``",
"type": "string"
},
"BackupRetentionPeriod": {
- "default": 1,
"description": "The number of days for which automated backups are retained. Setting this parameter to a positive number enables backups. Setting this parameter to 0 disables automated backups.\n *Amazon Aurora* \n Not applicable. The retention period for automated backups is managed by the DB cluster.\n Default: 1\n Constraints:\n + Must be a value from 0 to 35\n + Can't be set to 0 if the DB instance is a source to read replicas",
"minimum": 0,
"type": "integer"
@@ -296,7 +305,7 @@
},
"CertificateDetails": {
"$ref": "#/definitions/CertificateDetails",
- "description": "The details of the DB instance's server certificate."
+ "description": ""
},
"CertificateRotationRestart": {
"description": "Specifies whether the DB instance is restarted when you rotate your SSL/TLS certificate.\n By default, the DB instance is restarted when you rotate your SSL/TLS certificate. The certificate is not updated until the DB instance is restarted.\n Set this parameter only if you are *not* using SSL/TLS to connect to the DB instance.\n If you are using SSL/TLS to connect to the DB instance, follow the appropriate instructions for your DB engine to rotate your SSL/TLS certificate:\n + For more information about rotating your SSL/TLS certificate for RDS DB engines, see [Rotating Your SSL/TLS Certificate.](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL-certificate-rotation.html) in the *Amazon RDS User Guide.* \n + For more information about rotating your SSL/TLS certificate for Aurora DB engines, see [Rotating Your SSL/TLS Certificate](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL-certificate-rotation.html) in the *Amazon Aurora User Guide*.\n \n This setting doesn't apply to RDS Custom DB instances.",
@@ -315,7 +324,7 @@
"type": "string"
},
"DBClusterIdentifier": {
- "description": "The identifier of the DB cluster that the instance will belong to.",
+ "description": "The identifier of the DB cluster that this DB instance will belong to.\n This setting doesn't apply to RDS Custom DB instances.",
"type": "string"
},
"DBClusterSnapshotIdentifier": {
@@ -354,17 +363,21 @@
"uniqueItems": true
},
"DBSnapshotIdentifier": {
- "description": "The name or Amazon Resource Name (ARN) of the DB snapshot that's used to restore the DB instance. If you're restoring from a shared manual DB snapshot, you must specify the ARN of the snapshot.\n By specifying this property, you can create a DB instance from the specified DB snapshot. If the ``DBSnapshotIdentifier`` property is an empty string or the ``AWS::RDS::DBInstance`` declaration has no ``DBSnapshotIdentifier`` property, AWS CloudFormation creates a new database. If the property contains a value (other than an empty string), AWS CloudFormation creates a database from the specified snapshot. If a snapshot with the specified name doesn't exist, AWS CloudFormation can't create the database and it rolls back the stack.\n Some DB instance properties aren't valid when you restore from a snapshot, such as the ``MasterUsername`` and ``MasterUserPassword`` properties. For information about the properties that you can specify, see the ``RestoreDBInstanceFromDBSnapshot`` action in the *Amazon RDS API Reference*.\n After you restore a DB instance with a ``DBSnapshotIdentifier`` property, you must specify the same ``DBSnapshotIdentifier`` property for any future updates to the DB instance. When you specify this property for an update, the DB instance is not restored from the DB snapshot again, and the data in the database is not changed. However, if you don't specify the ``DBSnapshotIdentifier`` property, an empty DB instance is created, and the original DB instance is deleted. If you specify a property that is different from the previous snapshot restore property, a new DB instance is restored from the specified ``DBSnapshotIdentifier`` property, and the original DB instance is deleted.\n If you specify the ``DBSnapshotIdentifier`` property to restore a DB instance (as opposed to specifying it for DB instance updates), then don't specify the following properties:\n + ``CharacterSetName`` \n + ``DBClusterIdentifier`` \n + ``DBName`` \n + ``DeleteAutomatedBackups`` \n + ``KmsKeyId`` \n + ``MasterUsername`` \n + ``MasterUserPassword`` \n + ``PerformanceInsightsKMSKeyId`` \n + ``PerformanceInsightsRetentionPeriod`` \n + ``PromotionTier`` \n + ``SourceDBInstanceIdentifier`` \n + ``SourceRegion`` \n + ``StorageEncrypted`` (for an encrypted snapshot)\n + ``Timezone`` \n \n *Amazon Aurora* \n Not applicable. Snapshot restore is managed by the DB cluster.",
+ "description": "The name or Amazon Resource Name (ARN) of the DB snapshot that's used to restore the DB instance. If you're restoring from a shared manual DB snapshot, you must specify the ARN of the snapshot.\n By specifying this property, you can create a DB instance from the specified DB snapshot. If the ``DBSnapshotIdentifier`` property is an empty string or the ``AWS::RDS::DBInstance`` declaration has no ``DBSnapshotIdentifier`` property, AWS CloudFormation creates a new database. If the property contains a value (other than an empty string), AWS CloudFormation creates a database from the specified snapshot. If a snapshot with the specified name doesn't exist, AWS CloudFormation can't create the database and it rolls back the stack.\n Some DB instance properties aren't valid when you restore from a snapshot, such as the ``MasterUsername`` and ``MasterUserPassword`` properties, and the point-in-time recovery properties ``RestoreTime`` and ``UseLatestRestorableTime``. For information about the properties that you can specify, see the [RestoreDBInstanceFromDBSnapshot](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_RestoreDBInstanceFromDBSnapshot.html) action in the *Amazon RDS API Reference*.\n After you restore a DB instance with a ``DBSnapshotIdentifier`` property, you must specify the same ``DBSnapshotIdentifier`` property for any future updates to the DB instance. When you specify this property for an update, the DB instance is not restored from the DB snapshot again, and the data in the database is not changed. However, if you don't specify the ``DBSnapshotIdentifier`` property, an empty DB instance is created, and the original DB instance is deleted. If you specify a property that is different from the previous snapshot restore property, a new DB instance is restored from the specified ``DBSnapshotIdentifier`` property, and the original DB instance is deleted.\n If you specify the ``DBSnapshotIdentifier`` property to restore a DB instance (as opposed to specifying it for DB instance updates), then don't specify the following properties:\n + ``CharacterSetName`` \n + ``DBClusterIdentifier`` \n + ``DBName`` \n + ``KmsKeyId`` \n + ``MasterUsername`` \n + ``MasterUserPassword`` \n + ``PromotionTier`` \n + ``SourceDBInstanceIdentifier`` \n + ``SourceRegion`` \n + ``StorageEncrypted`` (for an unencrypted snapshot)\n + ``Timezone`` \n \n *Amazon Aurora* \n Not applicable. Snapshot restore is managed by the DB cluster.",
"type": "string"
},
"DBSubnetGroupName": {
- "description": "A DB subnet group to associate with the DB instance. If you update this value, the new subnet group must be a subnet group in a new VPC. \n If there's no DB subnet group, then the DB instance isn't a VPC DB instance.\n For more information about using Amazon RDS in a VPC, see [Using Amazon RDS with Amazon Virtual Private Cloud (VPC)](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.html) in the *Amazon RDS User Guide*. \n *Amazon Aurora* \n Not applicable. The DB subnet group is managed by the DB cluster. If specified, the setting must match the DB cluster setting.",
+ "description": "A DB subnet group to associate with the DB instance. If you update this value, the new subnet group must be a subnet group in a new VPC. \n If you don't specify a DB subnet group, RDS uses the default DB subnet group if one exists. If a default DB subnet group does not exist, and you don't specify a ``DBSubnetGroupName``, the DB instance fails to launch. \n For more information about using Amazon RDS in a VPC, see [Amazon VPC and Amazon RDS](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.html) in the *Amazon RDS User Guide*. \n This setting doesn't apply to Amazon Aurora DB instances. The DB subnet group is managed by the DB cluster. If specified, the setting must match the DB cluster setting.",
"type": "string"
},
"DBSystemId": {
"description": "The Oracle system identifier (SID), which is the name of the Oracle database instance that manages your database files. In this context, the term \"Oracle database instance\" refers exclusively to the system global area (SGA) and Oracle background processes. If you don't specify a SID, the value defaults to ``RDSCDB``. The Oracle SID is also the name of your CDB.",
"type": "string"
},
+ "DatabaseInsightsMode": {
+ "description": "",
+ "type": "string"
+ },
"DbiResourceId": {
"description": "",
"type": "string"
@@ -378,7 +391,7 @@
"type": "boolean"
},
"DeletionProtection": {
- "description": "A value that indicates whether the DB instance has deletion protection enabled. The database can't be deleted when deletion protection is enabled. By default, deletion protection is disabled. For more information, see [Deleting a DB Instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_DeleteInstance.html). \n *Amazon Aurora* \n Not applicable. You can enable or disable deletion protection for the DB cluster. For more information, see ``CreateDBCluster``. DB instances in a DB cluster can be deleted even when deletion protection is enabled for the DB cluster.",
+ "description": "Specifies whether the DB instance has deletion protection enabled. The database can't be deleted when deletion protection is enabled. By default, deletion protection isn't enabled. For more information, see [Deleting a DB Instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_DeleteInstance.html).\n This setting doesn't apply to Amazon Aurora DB instances. You can enable or disable deletion protection for the DB cluster. For more information, see ``CreateDBCluster``. DB instances in a DB cluster can be deleted even when deletion protection is enabled for the DB cluster.",
"type": "boolean"
},
"Domain": {
@@ -425,7 +438,7 @@
},
"Endpoint": {
"$ref": "#/definitions/Endpoint",
- "description": "The connection endpoint for the DB instance.\n The endpoint might not be shown for instances with the status of ``creating``."
+ "description": ""
},
"Engine": {
"description": "The name of the database engine to use for this DB instance. Not every database engine is available in every AWS Region.\n This property is required when creating a DB instance.\n You can convert an Oracle database from the non-CDB architecture to the container database (CDB) architecture by updating the ``Engine`` value in your templates from ``oracle-ee`` to ``oracle-ee-cdb`` or from ``oracle-se2`` to ``oracle-se2-cdb``. Converting to the CDB architecture requires an interruption.\n Valid Values:\n + ``aurora-mysql`` (for Aurora MySQL DB instances)\n + ``aurora-postgresql`` (for Aurora PostgreSQL DB instances)\n + ``custom-oracle-ee`` (for RDS Custom for Oracle DB instances)\n + ``custom-oracle-ee-cdb`` (for RDS Custom for Oracle DB instances)\n + ``custom-sqlserver-ee`` (for RDS Custom for SQL Server DB instances)\n + ``custom-sqlserver-se`` (for RDS Custom for SQL Server DB instances)\n + ``custom-sqlserver-web`` (for RDS Custom for SQL Server DB instances)\n + ``db2-ae`` \n + ``db2-se`` \n + ``mariadb`` \n + ``mysql`` \n + ``oracle-ee`` \n + ``oracle-ee-cdb`` \n + ``oracle-se2`` \n + ``oracle-se2-cdb`` \n + ``postgres`` \n + ``sqlserver-ee`` \n + ``sqlserver-se`` \n + ``sqlserver-ex`` \n + ``sqlserver-web``",
@@ -464,7 +477,7 @@
"description": "The secret managed by RDS in AWS Secrets Manager for the master user password.\n For more information, see [Password management with Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide.*"
},
"MasterUsername": {
- "description": "The master user name for the DB instance.\n If you specify the ``SourceDBInstanceIdentifier`` or ``DBSnapshotIdentifier`` property, don't specify this property. The value is inherited from the source DB instance or snapshot.\n When migrating a self-managed Db2 database, we recommend that you use the same master username as your self-managed Db2 instance name.\n *Amazon Aurora* \n Not applicable. The name for the master user is managed by the DB cluster. \n *RDS for Db2* \n Constraints:\n + Must be 1 to 16 letters or numbers.\n + First character must be a letter.\n + Can't be a reserved word for the chosen database engine.\n \n *RDS for MariaDB* \n Constraints:\n + Must be 1 to 16 letters or numbers.\n + Can't be a reserved word for the chosen database engine.\n \n *RDS for Microsoft SQL Server* \n Constraints:\n + Must be 1 to 128 letters or numbers.\n + First character must be a letter.\n + Can't be a reserved word for the chosen database engine.\n \n *RDS for MySQL* \n Constraints:\n + Must be 1 to 16 letters or numbers.\n + First character must be a letter.\n + Can't be a reserved word for the chosen database engine.\n \n *RDS for Oracle* \n Constraints:\n + Must be 1 to 30 letters or numbers.\n + First character must be a letter.\n + Can't be a reserved word for the chosen database engine.\n \n *RDS for PostgreSQL* \n Constraints:\n + Must be 1 to 63 letters or numbers.\n + First character must be a letter.\n + Can't be a reserved word for the chosen database engine.",
+ "description": "The master user name for the DB instance.\n If you specify the ``SourceDBInstanceIdentifier`` or ``DBSnapshotIdentifier`` property, don't specify this property. The value is inherited from the source DB instance or snapshot.\n When migrating a self-managed Db2 database, we recommend that you use the same master username as your self-managed Db2 instance name.\n *Amazon Aurora* \n Not applicable. The name for the master user is managed by the DB cluster. \n *RDS for Db2* \n Constraints:\n + Must be 1 to 16 letters or numbers.\n + First character must be a letter.\n + Can't be a reserved word for the chosen database engine.\n \n *RDS for MariaDB* \n Constraints:\n + Must be 1 to 16 letters or numbers.\n + Can't be a reserved word for the chosen database engine.\n \n *RDS for Microsoft SQL Server* \n Constraints:\n + Must be 1 to 128 letters or numbers.\n + First character must be a letter.\n + Can't be a reserved word for the chosen database engine.\n \n *RDS for MySQL* \n Constraints:\n + Must be 1 to 16 letters or numbers.\n + First character must be a letter.\n + Can't be a reserved word for the chosen database engine.\n \n *RDS for Oracle* \n Constraints:\n + Must be 1 to 30 letters or numbers.\n + First character must be a letter.\n + Can't be a reserved word for the chosen database engine.\n \n *RDS for PostgreSQL* \n Constraints:\n + Must be 1 to 63 letters or numbers.\n + First character must be a letter.\n + Can't be a reserved word for the chosen database engine.",
"maxLength": 128,
"minLength": 1,
"pattern": "^[a-zA-Z][a-zA-Z0-9_]{0,127}$",
@@ -475,8 +488,7 @@
"type": "integer"
},
"MonitoringInterval": {
- "default": 0,
- "description": "The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance. To disable collection of Enhanced Monitoring metrics, specify 0. The default is 0.\n If ``MonitoringRoleArn`` is specified, then you must set ``MonitoringInterval`` to a value other than 0.\n This setting doesn't apply to RDS Custom.\n Valid Values: ``0, 1, 5, 10, 15, 30, 60``",
+ "description": "The interval, in seconds, between points when Enhanced Monitoring metrics are collected for the DB instance. To disable collection of Enhanced Monitoring metrics, specify ``0``.\n If ``MonitoringRoleArn`` is specified, then you must set ``MonitoringInterval`` to a value other than ``0``.\n This setting doesn't apply to RDS Custom DB instances.\n Valid Values: ``0 | 1 | 5 | 10 | 15 | 30 | 60`` \n Default: ``0``",
"type": "integer"
},
"MonitoringRoleArn": {
@@ -484,7 +496,7 @@
"type": "string"
},
"MultiAZ": {
- "description": "Specifies whether the database instance is a Multi-AZ DB instance deployment. You can't set the ``AvailabilityZone`` parameter if the ``MultiAZ`` parameter is set to true. \n For more information, see [Multi-AZ deployments for high availability](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.MultiAZ.html) in the *Amazon RDS User Guide*.\n *Amazon Aurora* \n Not applicable. Amazon Aurora storage is replicated across all of the Availability Zones and doesn't require the ``MultiAZ`` option to be set.",
+ "description": "Specifies whether the DB instance is a Multi-AZ deployment. You can't set the ``AvailabilityZone`` parameter if the DB instance is a Multi-AZ deployment.\n This setting doesn't apply to the following DB instances:\n + Amazon Aurora (DB instance Availability Zones (AZs) are managed by the DB cluster.)\n + RDS Custom",
"type": "boolean"
},
"NcharCharacterSetName": {
@@ -504,11 +516,11 @@
"type": "string"
},
"PerformanceInsightsRetentionPeriod": {
- "description": "The number of days to retain Performance Insights data.\n This setting doesn't apply to RDS Custom DB instances.\n Valid Values:\n + ``7`` \n + *month* * 31, where *month* is a number of months from 1-23. Examples: ``93`` (3 months * 31), ``341`` (11 months * 31), ``589`` (19 months * 31)\n + ``731`` \n \n Default: ``7`` days\n If you specify a retention period that isn't valid, such as ``94``, Amazon RDS returns an error.",
+ "description": "The number of days to retain Performance Insights data. When creating a DB instance without enabling Performance Insights, you can't specify the parameter ``PerformanceInsightsRetentionPeriod``.\n This setting doesn't apply to RDS Custom DB instances.\n Valid Values:\n + ``7`` \n + *month* * 31, where *month* is a number of months from 1-23. Examples: ``93`` (3 months * 31), ``341`` (11 months * 31), ``589`` (19 months * 31)\n + ``731`` \n \n Default: ``7`` days\n If you specify a retention period that isn't valid, such as ``94``, Amazon RDS returns an error.",
"type": "integer"
},
"Port": {
- "description": "The port number on which the database accepts connections.\n *Amazon Aurora* \n Not applicable. The port number is managed by the DB cluster.\n *Db2* \n Default value: ``50000``",
+ "description": "The port number on which the database accepts connections.\n This setting doesn't apply to Aurora DB instances. The port number is managed by the cluster.\n Valid Values: ``1150-65535`` \n Default:\n + RDS for Db2 - ``50000`` \n + RDS for MariaDB - ``3306`` \n + RDS for Microsoft SQL Server - ``1433`` \n + RDS for MySQL - ``3306`` \n + RDS for Oracle - ``1521`` \n + RDS for PostgreSQL - ``5432`` \n \n Constraints:\n + For RDS for Microsoft SQL Server, the value can't be ``1234``, ``1434``, ``3260``, ``3343``, ``3389``, ``47001``, or ``49152-49156``.",
"pattern": "^\\d*$",
"type": "string"
},
@@ -517,7 +529,7 @@
"type": "string"
},
"PreferredMaintenanceWindow": {
- "description": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n Format: ``ddd:hh24:mi-ddd:hh24:mi`` \n The default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week. To see the time blocks available, see [Adjusting the Preferred DB Instance Maintenance Window](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow) in the *Amazon RDS User Guide.* \n This property applies when AWS CloudFormation initially creates the DB instance. If you use AWS CloudFormation to update the DB instance, those updates are applied immediately.\n Constraints: Minimum 30-minute window.",
+ "description": "The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).\n Format: ``ddd:hh24:mi-ddd:hh24:mi`` \n The default is a 30-minute window selected at random from an 8-hour block of time for each AWS Region, occurring on a random day of the week. To see the time blocks available, see [Maintaining a DB instance](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow) in the *Amazon RDS User Guide.* \n This property applies when AWS CloudFormation initially creates the DB instance. If you use AWS CloudFormation to update the DB instance, those updates are applied immediately.\n Constraints: Minimum 30-minute window.",
"type": "string"
},
"ProcessorFeatures": {
@@ -528,7 +540,6 @@
"type": "array"
},
"PromotionTier": {
- "default": 1,
"description": "The order of priority in which an Aurora Replica is promoted to the primary instance after a failure of the existing primary instance. For more information, see [Fault Tolerance for an Aurora DB Cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.AuroraHighAvailability.html#Aurora.Managing.FaultTolerance) in the *Amazon Aurora User Guide*.\n This setting doesn't apply to RDS Custom DB instances.\n Default: ``1`` \n Valid Values: ``0 - 15``",
"minimum": 0,
"type": "integer"
@@ -542,7 +553,7 @@
"type": "string"
},
"RestoreTime": {
- "description": "The date and time to restore from.\n Constraints:\n + Must be a time in Universal Coordinated Time (UTC) format.\n + Must be before the latest restorable time for the DB instance.\n + Can't be specified if the ``UseLatestRestorableTime`` parameter is enabled.\n \n Example: ``2009-09-07T23:45:00Z``",
+ "description": "The date and time to restore from. This parameter applies to point-in-time recovery. For more information, see [Restoring a DB instance to a specified time](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIT.html) in the in the *Amazon RDS User Guide*.\n Constraints:\n + Must be a time in Universal Coordinated Time (UTC) format.\n + Must be before the latest restorable time for the DB instance.\n + Can't be specified if the ``UseLatestRestorableTime`` parameter is enabled.\n \n Example: ``2009-09-07T23:45:00Z``",
"format": "date-time",
"type": "string"
},
@@ -571,15 +582,15 @@
"type": "boolean"
},
"StorageThroughput": {
- "description": "Specifies the storage throughput value for the DB instance. This setting applies only to the ``gp3`` storage type. \n This setting doesn't apply to RDS Custom or Amazon Aurora.",
+ "description": "Specifies the storage throughput value, in mebibyte per second (MiBps), for the DB instance. This setting applies only to the ``gp3`` storage type. \n This setting doesn't apply to RDS Custom or Amazon Aurora.",
"type": "integer"
},
"StorageType": {
- "description": "The storage type to associate with the DB instance.\n If you specify ``io1``, ``io2``, or ``gp3``, you must also include a value for the ``Iops`` parameter.\n This setting doesn't apply to Amazon Aurora DB instances. Storage is managed by the DB cluster.\n Valid Values: ``gp2 | gp3 | io1 | io2 | standard`` \n Default: ``io1``, if the ``Iops`` parameter is specified. Otherwise, ``gp2``.",
+ "description": "The storage type to associate with the DB instance.\n If you specify ``io1``, ``io2``, or ``gp3``, you must also include a value for the ``Iops`` parameter.\n This setting doesn't apply to Amazon Aurora DB instances. Storage is managed by the DB cluster.\n Valid Values: ``gp2 | gp3 | io1 | io2 | standard`` \n Default: ``io1``, if the ``Iops`` parameter is specified. Otherwise, ``gp3``.",
"type": "string"
},
"Tags": {
- "description": "An optional array of key-value pairs to apply to this DB instance.",
+ "description": "Tags to assign to the DB instance.",
"insertionOrder": false,
"items": {
"$ref": "#/definitions/Tag"
@@ -604,7 +615,7 @@
"type": "boolean"
},
"UseLatestRestorableTime": {
- "description": "Specifies whether the DB instance is restored from the latest backup time. By default, the DB instance isn't restored from the latest backup time.\n Constraints:\n + Can't be specified if the ``RestoreTime`` parameter is provided.",
+ "description": "Specifies whether the DB instance is restored from the latest backup time. By default, the DB instance isn't restored from the latest backup time. This parameter applies to point-in-time recovery. For more information, see [Restoring a DB instance to a specified time](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIT.html) in the in the *Amazon RDS User Guide*.\n Constraints:\n + Can't be specified if the ``RestoreTime`` parameter is provided.",
"type": "boolean"
},
"VPCSecurityGroups": {
@@ -624,30 +635,43 @@
"/properties/DBParameterGroupName": "$lowercase(DBParameterGroupName)",
"/properties/DBSnapshotIdentifier": "$lowercase(DBSnapshotIdentifier)",
"/properties/DBSubnetGroupName": "$lowercase(DBSubnetGroupName)",
+ "/properties/DBSystemId": "$uppercase(DBSystemId)",
"/properties/Engine": "$lowercase(Engine)",
"/properties/EngineVersion": "$join([$string(EngineVersion), \".*\"])",
- "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])",
- "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", MasterUserSecret.KmsKeyId])",
+ "/properties/KmsKeyId": "$join([\"arn:.+?:kms:.+?:.+?:key\\/\", KmsKeyId])",
+ "/properties/MasterUserSecret/KmsKeyId": "$join([\"arn:.+?:kms:.+?:.+?:key\\/\", MasterUserSecret.KmsKeyId])",
"/properties/NetworkType": "$lowercase(NetworkType)",
"/properties/OptionGroupName": "$lowercase(OptionGroupName)",
- "/properties/PerformanceInsightsKMSKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", PerformanceInsightsKMSKeyId])",
+ "/properties/PerformanceInsightsKMSKeyId": "$join([\"arn:.+?:kms:.+?:.+?:key\\/\", PerformanceInsightsKMSKeyId])",
"/properties/PreferredMaintenanceWindow": "$lowercase(PreferredMaintenanceWindow)",
"/properties/SourceDBInstanceAutomatedBackupsArn": "$lowercase(SourceDBInstanceAutomatedBackupsArn)",
"/properties/SourceDBInstanceIdentifier": "$lowercase(SourceDBInstanceIdentifier)",
"/properties/StorageType": "$lowercase(StorageType)"
},
"readOnlyProperties": [
+ "/properties/Endpoint",
"/properties/Endpoint/Address",
"/properties/Endpoint/Port",
"/properties/Endpoint/HostedZoneId",
"/properties/DbiResourceId",
"/properties/DBInstanceArn",
- "/properties/DBSystemId",
"/properties/MasterUserSecret/SecretArn",
+ "/properties/CertificateDetails",
"/properties/CertificateDetails/CAIdentifier",
"/properties/CertificateDetails/ValidTill"
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git",
+ "tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "rds:AddTagsToResource",
+ "rds:RemoveTagsFromResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
"typeName": "AWS::RDS::DBInstance",
"writeOnlyProperties": [
"/properties/AllowMajorVersionUpgrade",
@@ -656,7 +680,6 @@
"/properties/DBSnapshotIdentifier",
"/properties/DeleteAutomatedBackups",
"/properties/MasterUserPassword",
- "/properties/Port",
"/properties/RestoreTime",
"/properties/SourceDBInstanceAutomatedBackupsArn",
"/properties/SourceDBInstanceIdentifier",
@@ -664,6 +687,7 @@
"/properties/SourceRegion",
"/properties/TdeCredentialPassword",
"/properties/UseDefaultProcessorFeatures",
- "/properties/UseLatestRestorableTime"
+ "/properties/UseLatestRestorableTime",
+ "/properties/ApplyImmediately"
]
}
diff --git a/schema/aws-rds-dbparametergroup.json b/schema/aws-rds-dbparametergroup.json
index ef46611..c397df7 100644
--- a/schema/aws-rds-dbparametergroup.json
+++ b/schema/aws-rds-dbparametergroup.json
@@ -8,7 +8,7 @@
"definitions": {
"Tag": {
"additionalProperties": false,
- "description": "Metadata assigned to an Amazon RDS resource consisting of a key-value pair.\n For more information, see [Tagging Amazon RDS Resources](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) in the *Amazon RDS User Guide* or [Tagging Amazon Aurora and Amazon RDS Resources](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Tagging.html) in the *Amazon Aurora User Guide*.",
+ "description": "Metadata assigned to an Amazon RDS resource consisting of a key-value pair.\n For more information, see [Tagging Amazon RDS resources](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) in the *Amazon RDS User Guide* or [Tagging Amazon Aurora and Amazon RDS resources](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Tagging.html) in the *Amazon Aurora User Guide*.",
"properties": {
"Key": {
"description": "A key is the required name of the tag. The string value can be from 1 to 128 Unicode characters in length and can't be prefixed with ``aws:`` or ``rds:``. The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\").",
@@ -89,15 +89,15 @@
"type": "string"
},
"Family": {
- "description": "The DB parameter group family name. A DB parameter group can be associated with one and only one DB parameter group family, and can be applied only to a DB instance running a DB engine and engine version compatible with that DB parameter group family.\n The DB parameter group family can't be changed when updating a DB parameter group.\n To list all of the available parameter group families, use the following command:\n ``aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\"`` \n The output contains duplicates.\n For more information, see ``CreateDBParameterGroup``.",
+ "description": "The DB parameter group family name. A DB parameter group can be associated with one and only one DB parameter group family, and can be applied only to a DB instance running a database engine and engine version compatible with that DB parameter group family.\n To list all of the available parameter group families for a DB engine, use the following command:\n ``aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine `` \n For example, to list all of the available parameter group families for the MySQL DB engine, use the following command:\n ``aws rds describe-db-engine-versions --query \"DBEngineVersions[].DBParameterGroupFamily\" --engine mysql`` \n The output contains duplicates.\n The following are the valid DB engine values:\n + ``aurora-mysql`` \n + ``aurora-postgresql`` \n + ``db2-ae`` \n + ``db2-se`` \n + ``mysql`` \n + ``oracle-ee`` \n + ``oracle-ee-cdb`` \n + ``oracle-se2`` \n + ``oracle-se2-cdb`` \n + ``postgres`` \n + ``sqlserver-ee`` \n + ``sqlserver-se`` \n + ``sqlserver-ex`` \n + ``sqlserver-web``",
"type": "string"
},
"Parameters": {
- "description": "An array of parameter names and values for the parameter update. At least one parameter name and value must be supplied. Subsequent arguments are optional.\n RDS for Db2 requires you to bring your own Db2 license. You must enter your IBM customer ID (``rds.ibm_customer_id``) and site number (``rds.ibm_site_id``) before starting a Db2 instance.\n For more information about DB parameters and DB parameter groups for Amazon RDS DB engines, see [Working with DB Parameter Groups](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithParamGroups.html) in the *Amazon RDS User Guide*.\n For more information about DB cluster and DB instance parameters and parameter groups for Amazon Aurora DB engines, see [Working with DB Parameter Groups and DB Cluster Parameter Groups](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_WorkingWithParamGroups.html) in the *Amazon Aurora User Guide*.\n AWS CloudFormation doesn't support specifying an apply method for each individual parameter. The default apply method for each parameter is used.",
+ "description": "A mapping of parameter names and values for the parameter update. You must specify at least one parameter name and value.\n For more information about parameter groups, see [Working with parameter groups](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithParamGroups.html) in the *Amazon RDS User Guide*, or [Working with parameter groups](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_WorkingWithParamGroups.html) in the *Amazon Aurora User Guide*.\n AWS CloudFormation doesn't support specifying an apply method for each individual parameter. The default apply method for each parameter is used.",
"type": "object"
},
"Tags": {
- "description": "An optional array of key-value pairs to apply to this DB parameter group.\n Currently, this is the only property that supports drift detection.",
+ "description": "Tags to assign to the DB parameter group.",
"insertionOrder": false,
"items": {
"$ref": "#/definitions/Tag"
@@ -115,5 +115,16 @@
"Description"
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-rds",
+ "tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "rds:AddTagsToResource",
+ "rds:RemoveTagsFromResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
"typeName": "AWS::RDS::DBParameterGroup"
}
diff --git a/schema/aws-rds-dbproxy.json b/schema/aws-rds-dbproxy.json
index be20059..84cfb40 100644
--- a/schema/aws-rds-dbproxy.json
+++ b/schema/aws-rds-dbproxy.json
@@ -195,6 +195,11 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git",
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "rds:AddTagsToResource",
+ "rds:RemoveTagsFromResource",
+ "rds:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-rds-dbproxyendpoint.json b/schema/aws-rds-dbproxyendpoint.json
index 8db2f30..efd2899 100644
--- a/schema/aws-rds-dbproxyendpoint.json
+++ b/schema/aws-rds-dbproxyendpoint.json
@@ -139,6 +139,11 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git",
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "rds:AddTagsToResource",
+ "rds:RemoveTagsFromResource",
+ "rds:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-rds-dbshardgroup.json b/schema/aws-rds-dbshardgroup.json
new file mode 100644
index 0000000..0bfc70b
--- /dev/null
+++ b/schema/aws-rds-dbshardgroup.json
@@ -0,0 +1,155 @@
+{
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/DBClusterIdentifier",
+ "/properties/DBShardGroupIdentifier",
+ "/properties/PubliclyAccessible"
+ ],
+ "definitions": {
+ "Tag": {
+ "additionalProperties": false,
+ "description": "Metadata assigned to an Amazon RDS resource consisting of a key-value pair.\n For more information, see [Tagging Amazon RDS resources](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) in the *Amazon RDS User Guide* or [Tagging Amazon Aurora and Amazon RDS resources](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Tagging.html) in the *Amazon Aurora User Guide*.",
+ "properties": {
+ "Key": {
+ "description": "A key is the required name of the tag. The string value can be from 1 to 128 Unicode characters in length and can't be prefixed with ``aws:`` or ``rds:``. The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\").",
+ "maxLength": 128,
+ "minLength": 1,
+ "type": "string"
+ },
+ "Value": {
+ "description": "A value is the optional value of the tag. The string value can be from 1 to 256 Unicode characters in length and can't be prefixed with ``aws:`` or ``rds:``. The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\").",
+ "maxLength": 256,
+ "minLength": 0,
+ "type": "string"
+ }
+ },
+ "required": [
+ "Key"
+ ],
+ "type": "object"
+ }
+ },
+ "description": "Creates a new DB shard group for Aurora Limitless Database. You must enable Aurora Limitless Database to create a DB shard group.\n Valid for: Aurora DB clusters only",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "rds:AddTagsToResource",
+ "rds:CreateDBShardGroup",
+ "rds:DescribeDBClusters",
+ "rds:DescribeDBShardGroups",
+ "rds:ListTagsForResource"
+ ],
+ "timeoutInMinutes": 2160
+ },
+ "delete": {
+ "permissions": [
+ "rds:DeleteDBShardGroup",
+ "rds:DescribeDBClusters",
+ "rds:DescribeDbShardGroups"
+ ],
+ "timeoutInMinutes": 2160
+ },
+ "list": {
+ "permissions": [
+ "rds:DescribeDBShardGroups",
+ "rds:ListTagsForResource"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "rds:DescribeDBShardGroups",
+ "rds:ListTagsForResource"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "rds:AddTagsToResource",
+ "rds:DescribeDBShardGroups",
+ "rds:DescribeDBClusters",
+ "rds:RemoveTagsFromResource",
+ "rds:ModifyDBShardGroup",
+ "rds:ListTagsForResource"
+ ]
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/DBShardGroupIdentifier"
+ ],
+ "properties": {
+ "ComputeRedundancy": {
+ "description": "Specifies whether to create standby DB shard groups for the DB shard group. Valid values are the following:\n + 0 - Creates a DB shard group without a standby DB shard group. This is the default value.\n + 1 - Creates a DB shard group with a standby DB shard group in a different Availability Zone (AZ).\n + 2 - Creates a DB shard group with two standby DB shard groups in two different AZs.",
+ "minimum": 0,
+ "type": "integer"
+ },
+ "DBClusterIdentifier": {
+ "description": "The name of the primary DB cluster for the DB shard group.",
+ "maxLength": 63,
+ "minLength": 1,
+ "type": "string"
+ },
+ "DBShardGroupIdentifier": {
+ "description": "The name of the DB shard group.",
+ "maxLength": 63,
+ "minLength": 1,
+ "type": "string"
+ },
+ "DBShardGroupResourceId": {
+ "description": "",
+ "type": "string"
+ },
+ "Endpoint": {
+ "description": "",
+ "type": "string"
+ },
+ "MaxACU": {
+ "description": "The maximum capacity of the DB shard group in Aurora capacity units (ACUs).",
+ "type": "number"
+ },
+ "MinACU": {
+ "description": "The minimum capacity of the DB shard group in Aurora capacity units (ACUs).",
+ "type": "number"
+ },
+ "PubliclyAccessible": {
+ "description": "Specifies whether the DB shard group is publicly accessible.\n When the DB shard group is publicly accessible, its Domain Name System (DNS) endpoint resolves to the private IP address from within the DB shard group's virtual private cloud (VPC). It resolves to the public IP address from outside of the DB shard group's VPC. Access to the DB shard group is ultimately controlled by the security group it uses. That public access is not permitted if the security group assigned to the DB shard group doesn't permit it.\n When the DB shard group isn't publicly accessible, it is an internal DB shard group with a DNS name that resolves to a private IP address.\n Default: The default behavior varies depending on whether ``DBSubnetGroupName`` is specified.\n If ``DBSubnetGroupName`` isn't specified, and ``PubliclyAccessible`` isn't specified, the following applies:\n + If the default VPC in the target Region doesn\u2019t have an internet gateway attached to it, the DB shard group is private.\n + If the default VPC in the target Region has an internet gateway attached to it, the DB shard group is public.\n \n If ``DBSubnetGroupName`` is specified, and ``PubliclyAccessible`` isn't specified, the following applies:\n + If the subnets are part of a VPC that doesn\u2019t have an internet gateway attached to it, the DB shard group is private.\n + If the subnets are part of a VPC that has an internet gateway attached to it, the DB shard group is public.",
+ "type": "boolean"
+ },
+ "Tags": {
+ "description": "An optional set of key-value pairs to associate arbitrary data of your choosing with the DB shard group.",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/Tag"
+ },
+ "maxItems": 50,
+ "type": "array",
+ "uniqueItems": true
+ }
+ },
+ "propertyTransform": {
+ "/properties/DBClusterIdentifier": "$lowercase(DBClusterIdentifier)",
+ "/properties/DBShardGroupIdentifier": "$lowercase(DBShardGroupIdentifier)"
+ },
+ "readOnlyProperties": [
+ "/properties/DBShardGroupResourceId",
+ "/properties/Endpoint"
+ ],
+ "required": [
+ "DBClusterIdentifier",
+ "MaxACU"
+ ],
+ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-rds",
+ "tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "rds:AddTagsToResource",
+ "rds:RemoveTagsFromResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
+ "typeName": "AWS::RDS::DBShardGroup",
+ "writeOnlyProperties": [
+ "/properties/MinACU"
+ ]
+}
diff --git a/schema/aws-rds-dbsubnetgroup.json b/schema/aws-rds-dbsubnetgroup.json
index 15efc8b..b0cf082 100644
--- a/schema/aws-rds-dbsubnetgroup.json
+++ b/schema/aws-rds-dbsubnetgroup.json
@@ -6,7 +6,7 @@
"definitions": {
"Tag": {
"additionalProperties": false,
- "description": "Metadata assigned to an Amazon RDS resource consisting of a key-value pair.\n For more information, see [Tagging Amazon RDS Resources](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) in the *Amazon RDS User Guide* or [Tagging Amazon Aurora and Amazon RDS Resources](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Tagging.html) in the *Amazon Aurora User Guide*.",
+ "description": "Metadata assigned to an Amazon RDS resource consisting of a key-value pair.\n For more information, see [Tagging Amazon RDS resources](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) in the *Amazon RDS User Guide* or [Tagging Amazon Aurora and Amazon RDS resources](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Tagging.html) in the *Amazon Aurora User Guide*.",
"properties": {
"Key": {
"description": "A key is the required name of the tag. The string value can be from 1 to 128 Unicode characters in length and can't be prefixed with ``aws:`` or ``rds:``. The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\").",
@@ -76,11 +76,12 @@
"type": "string"
},
"DBSubnetGroupName": {
- "description": "The name for the DB subnet group. This value is stored as a lowercase string.\n Constraints: Must contain no more than 255 lowercase alphanumeric characters or hyphens. Must not be \"Default\".\n Example: ``mysubnetgroup``",
+ "description": "The name for the DB subnet group. This value is stored as a lowercase string.\n Constraints:\n + Must contain no more than 255 letters, numbers, periods, underscores, spaces, or hyphens.\n + Must not be default.\n + First character must be a letter.\n \n Example: ``mydbsubnetgroup``",
"type": "string"
},
"SubnetIds": {
"description": "The EC2 Subnet IDs for the DB subnet group.",
+ "insertionOrder": false,
"items": {
"type": "string"
},
@@ -88,7 +89,7 @@
"uniqueItems": false
},
"Tags": {
- "description": "An optional array of key-value pairs to apply to this DB subnet group.",
+ "description": "Tags to assign to the DB subnet group.",
"insertionOrder": false,
"items": {
"$ref": "#/definitions/Tag"
@@ -106,8 +107,16 @@
"SubnetIds"
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-rds",
- "typeName": "AWS::RDS::DBSubnetGroup",
- "writeOnlyProperties": [
- "/properties/SubnetIds"
- ]
+ "tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "rds:AddTagsToResource",
+ "rds:RemoveTagsFromResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
+ "typeName": "AWS::RDS::DBSubnetGroup"
}
diff --git a/schema/aws-rds-eventsubscription.json b/schema/aws-rds-eventsubscription.json
index c70603a..50a8107 100644
--- a/schema/aws-rds-eventsubscription.json
+++ b/schema/aws-rds-eventsubscription.json
@@ -7,7 +7,7 @@
"definitions": {
"Tag": {
"additionalProperties": false,
- "description": "Metadata assigned to an Amazon RDS resource consisting of a key-value pair.\n For more information, see [Tagging Amazon RDS Resources](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) in the *Amazon RDS User Guide* or [Tagging Amazon Aurora and Amazon RDS Resources](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Tagging.html) in the *Amazon Aurora User Guide*.",
+ "description": "Metadata assigned to an Amazon RDS resource consisting of a key-value pair.\n For more information, see [Tagging Amazon RDS resources](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) in the *Amazon RDS User Guide* or [Tagging Amazon Aurora and Amazon RDS resources](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Tagging.html) in the *Amazon Aurora User Guide*.",
"properties": {
"Key": {
"description": "A key is the required name of the tag. The string value can be from 1 to 128 Unicode characters in length and can't be prefixed with ``aws:`` or ``rds:``. The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\").",
@@ -91,7 +91,7 @@
"type": "string"
},
"SourceIds": {
- "description": "The list of identifiers of the event sources for which events are returned. If not specified, then all sources are included in the response. An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens. It can't end with a hyphen or contain two consecutive hyphens.\n Constraints:\n + If a ``SourceIds`` value is supplied, ``SourceType`` must also be provided.\n + If the source type is a DB instance, a ``DBInstanceIdentifier`` value must be supplied.\n + If the source type is a DB cluster, a ``DBClusterIdentifier`` value must be supplied.\n + If the source type is a DB parameter group, a ``DBParameterGroupName`` value must be supplied.\n + If the source type is a DB security group, a ``DBSecurityGroupName`` value must be supplied.\n + If the source type is a DB snapshot, a ``DBSnapshotIdentifier`` value must be supplied.\n + If the source type is a DB cluster snapshot, a ``DBClusterSnapshotIdentifier`` value must be supplied.",
+ "description": "The list of identifiers of the event sources for which events are returned. If not specified, then all sources are included in the response. An identifier must begin with a letter and must contain only ASCII letters, digits, and hyphens. It can't end with a hyphen or contain two consecutive hyphens.\n Constraints:\n + If ``SourceIds`` are supplied, ``SourceType`` must also be provided.\n + If the source type is a DB instance, a ``DBInstanceIdentifier`` value must be supplied.\n + If the source type is a DB cluster, a ``DBClusterIdentifier`` value must be supplied.\n + If the source type is a DB parameter group, a ``DBParameterGroupName`` value must be supplied.\n + If the source type is a DB security group, a ``DBSecurityGroupName`` value must be supplied.\n + If the source type is a DB snapshot, a ``DBSnapshotIdentifier`` value must be supplied.\n + If the source type is a DB cluster snapshot, a ``DBClusterSnapshotIdentifier`` value must be supplied.\n + If the source type is an RDS Proxy, a ``DBProxyName`` value must be supplied.",
"insertionOrder": false,
"items": {
"type": "string"
@@ -100,7 +100,7 @@
"uniqueItems": true
},
"SourceType": {
- "description": "The type of source that is generating the events. For example, if you want to be notified of events generated by a DB instance, set this parameter to ``db-instance``. If this value isn't specified, all events are returned.\n Valid values: ``db-instance`` | ``db-cluster`` | ``db-parameter-group`` | ``db-security-group`` | ``db-snapshot`` | ``db-cluster-snapshot``",
+ "description": "The type of source that is generating the events. For example, if you want to be notified of events generated by a DB instance, you set this parameter to ``db-instance``. For RDS Proxy events, specify ``db-proxy``. If this value isn't specified, all events are returned.\n Valid Values:``db-instance | db-cluster | db-parameter-group | db-security-group | db-snapshot | db-cluster-snapshot | db-proxy | zero-etl | custom-engine-version | blue-green-deployment``",
"type": "string"
},
"SubscriptionName": {
@@ -126,5 +126,16 @@
"SnsTopicArn"
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-rds",
+ "tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "rds:AddTagsToResource",
+ "rds:RemoveTagsFromResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
"typeName": "AWS::RDS::EventSubscription"
}
diff --git a/schema/aws-rds-globalcluster.json b/schema/aws-rds-globalcluster.json
index 7e19f15..958180e 100644
--- a/schema/aws-rds-globalcluster.json
+++ b/schema/aws-rds-globalcluster.json
@@ -6,6 +6,40 @@
"/properties/StorageEncrypted",
"/properties/Engine"
],
+ "definitions": {
+ "GlobalEndpoint": {
+ "additionalProperties": false,
+ "properties": {
+ "Address": {
+ "description": "The writer endpoint for the global database cluster. This endpoint always points to the writer DB instance in the current primary cluster.",
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "Tag": {
+ "additionalProperties": false,
+ "description": "A key-value pair to associate with a resource.",
+ "properties": {
+ "Key": {
+ "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ",
+ "maxLength": 128,
+ "minLength": 1,
+ "type": "string"
+ },
+ "Value": {
+ "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ",
+ "maxLength": 256,
+ "minLength": 0,
+ "type": "string"
+ }
+ },
+ "required": [
+ "Key"
+ ],
+ "type": "object"
+ }
+ },
"description": "Resource Type definition for AWS::RDS::GlobalCluster",
"handlers": {
"create": {
@@ -36,7 +70,9 @@
"update": {
"permissions": [
"rds:ModifyGlobalCluster",
- "rds:DescribeGlobalClusters"
+ "rds:DescribeGlobalClusters",
+ "rds:AddTagsToResource",
+ "rds:RemoveTagsFromResource"
]
}
},
@@ -79,9 +115,14 @@
},
"GlobalClusterIdentifier": {
"description": "The cluster identifier of the new global database cluster. This parameter is stored as a lowercase string.",
+ "maxLength": 63,
+ "minLength": 1,
"pattern": "^[a-zA-Z]{1}(?:-?[a-zA-Z0-9]){0,62}$",
"type": "string"
},
+ "GlobalEndpoint": {
+ "$ref": "#/definitions/GlobalEndpoint"
+ },
"SourceDBClusterIdentifier": {
"description": "The Amazon Resource Name (ARN) to use as the primary cluster of the global database. This parameter is optional. This parameter is stored as a lowercase string.",
"oneOf": [
@@ -97,11 +138,35 @@
"StorageEncrypted": {
"description": " The storage encryption setting for the new global database cluster.\nIf you specify the SourceDBClusterIdentifier property, don't specify this property. The value is inherited from the cluster.",
"type": "boolean"
+ },
+ "Tags": {
+ "description": "An array of key-value pairs to apply to this resource.",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/Tag"
+ },
+ "maxItems": 50,
+ "type": "array",
+ "uniqueItems": true
}
},
"propertyTransform": {
"/properties/GlobalClusterIdentifier": "$lowercase(GlobalClusterIdentifier)"
},
+ "readOnlyProperties": [
+ "/properties/GlobalEndpoint"
+ ],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-rds",
+ "tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "rds:AddTagsToResource",
+ "rds:RemoveTagsFromResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
"typeName": "AWS::RDS::GlobalCluster"
}
diff --git a/schema/aws-rds-optiongroup.json b/schema/aws-rds-optiongroup.json
index 7072aeb..50a9b05 100644
--- a/schema/aws-rds-optiongroup.json
+++ b/schema/aws-rds-optiongroup.json
@@ -12,7 +12,7 @@
"description": "The ``OptionConfiguration`` property type specifies an individual option, and its settings, within an ``AWS::RDS::OptionGroup`` resource.",
"properties": {
"DBSecurityGroupMemberships": {
- "description": "A list of DBSecurityGroupMembership name strings used for this option.",
+ "description": "A list of DB security groups used for this option.",
"insertionOrder": false,
"items": {
"type": "string"
@@ -41,7 +41,7 @@
"type": "integer"
},
"VpcSecurityGroupMemberships": {
- "description": "A list of VpcSecurityGroupMembership name strings used for this option.",
+ "description": "A list of VPC security group names used for this option.",
"insertionOrder": false,
"items": {
"type": "string"
@@ -72,7 +72,7 @@
},
"Tag": {
"additionalProperties": false,
- "description": "Metadata assigned to an Amazon RDS resource consisting of a key-value pair.\n For more information, see [Tagging Amazon RDS Resources](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) in the *Amazon RDS User Guide* or [Tagging Amazon Aurora and Amazon RDS Resources](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Tagging.html) in the *Amazon Aurora User Guide*.",
+ "description": "Metadata assigned to an Amazon RDS resource consisting of a key-value pair.\n For more information, see [Tagging Amazon RDS resources](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html) in the *Amazon RDS User Guide* or [Tagging Amazon Aurora and Amazon RDS resources](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Tagging.html) in the *Amazon Aurora User Guide*.",
"properties": {
"Key": {
"description": "A key is the required name of the tag. The string value can be from 1 to 128 Unicode characters in length and can't be prefixed with ``aws:`` or ``rds:``. The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', ':', '/', '=', '+', '-', '@' (Java regex: \"^([\\\\p{L}\\\\p{Z}\\\\p{N}_.:/=+\\\\-@]*)$\").",
@@ -149,7 +149,7 @@
},
"OptionConfigurations": {
"arrayType": "AttributeList",
- "description": "A list of options and the settings for each option.",
+ "description": "A list of all available options for an option group.",
"insertionOrder": false,
"items": {
"$ref": "#/definitions/OptionConfiguration"
@@ -165,7 +165,7 @@
"type": "string"
},
"Tags": {
- "description": "An optional array of key-value pairs to apply to this option group.",
+ "description": "Tags to assign to the option group.",
"insertionOrder": false,
"items": {
"$ref": "#/definitions/Tag"
@@ -182,5 +182,16 @@
"OptionGroupDescription"
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-rds",
+ "tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "rds:AddTagsToResource",
+ "rds:RemoveTagsFromResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
"typeName": "AWS::RDS::OptionGroup"
}
diff --git a/schema/aws-redshift-cluster.json b/schema/aws-redshift-cluster.json
index 1e399f7..5e0195d 100644
--- a/schema/aws-redshift-cluster.json
+++ b/schema/aws-redshift-cluster.json
@@ -32,6 +32,17 @@
},
"type": "string"
},
+ "LogDestinationType": {
+ "type": "string"
+ },
+ "LogExports": {
+ "insertionOrder": false,
+ "items": {
+ "type": "string"
+ },
+ "maxItems": 3,
+ "type": "array"
+ },
"S3KeyPrefix": {
"type": "string"
}
@@ -377,7 +388,7 @@
"type": "object"
},
"NodeType": {
- "description": "The node type to be provisioned for the cluster.Valid Values: ds2.xlarge | ds2.8xlarge | dc1.large | dc1.8xlarge | dc2.large | dc2.8xlarge | ra3.4xlarge | ra3.16xlarge",
+ "description": "The node type to be provisioned for the cluster.Valid Values: ds2.xlarge | ds2.8xlarge | dc1.large | dc1.8xlarge | dc2.large | dc2.8xlarge | ra3.large | ra3.4xlarge | ra3.16xlarge",
"type": "string"
},
"NumberOfNodes": {
diff --git a/schema/aws-redshift-clusterparametergroup.json b/schema/aws-redshift-clusterparametergroup.json
index 6ba4f11..83ae82b 100644
--- a/schema/aws-redshift-clusterparametergroup.json
+++ b/schema/aws-redshift-clusterparametergroup.json
@@ -73,6 +73,7 @@
"delete": {
"permissions": [
"redshift:DescribeTags",
+ "redshift:DeleteTags",
"redshift:DescribeClusterParameterGroups",
"redshift:DeleteClusterParameterGroup",
"redshift:DescribeClusterParameters",
@@ -147,12 +148,16 @@
"ParameterGroupFamily"
],
"tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "redshift:DescribeTags",
+ "redshift:CreateTags",
+ "redshift:DeleteTags"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
"taggable": true
},
- "typeName": "AWS::Redshift::ClusterParameterGroup",
- "writeOnlyProperties": [
- "/properties/Tags",
- "/properties/Tags/*/Key",
- "/properties/Tags/*/Value"
- ]
+ "typeName": "AWS::Redshift::ClusterParameterGroup"
}
diff --git a/schema/aws-redshift-clustersubnetgroup.json b/schema/aws-redshift-clustersubnetgroup.json
index 5aaadeb..840ee55 100644
--- a/schema/aws-redshift-clustersubnetgroup.json
+++ b/schema/aws-redshift-clustersubnetgroup.json
@@ -159,7 +159,7 @@
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-redshift",
"tagging": {
- "taggable": true
+ "taggable": false
},
"typeName": "AWS::Redshift::ClusterSubnetGroup",
"writeOnlyProperties": [
diff --git a/schema/aws-redshift-eventsubscription.json b/schema/aws-redshift-eventsubscription.json
index 8cc1cfb..1018e93 100644
--- a/schema/aws-redshift-eventsubscription.json
+++ b/schema/aws-redshift-eventsubscription.json
@@ -188,7 +188,7 @@
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-redshift",
"tagging": {
- "taggable": true
+ "taggable": false
},
"typeName": "AWS::Redshift::EventSubscription",
"writeOnlyProperties": [
diff --git a/schema/aws-redshift-integration.json b/schema/aws-redshift-integration.json
new file mode 100644
index 0000000..c667ed9
--- /dev/null
+++ b/schema/aws-redshift-integration.json
@@ -0,0 +1,170 @@
+{
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/SourceArn",
+ "/properties/TargetArn",
+ "/properties/KMSKeyId",
+ "/properties/AdditionalEncryptionContext"
+ ],
+ "definitions": {
+ "EncryptionContextMap": {
+ "additionalProperties": false,
+ "description": "An optional set of non-secret key\u2013value pairs that contains additional contextual information about the data.",
+ "patternProperties": {
+ "^[\\s\\S]*$": {
+ "maxLength": 131072,
+ "minLength": 0,
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "Tag": {
+ "additionalProperties": false,
+ "description": "A key-value pair to associate with a resource.",
+ "properties": {
+ "Key": {
+ "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ",
+ "maxLength": 128,
+ "minLength": 1,
+ "type": "string"
+ },
+ "Value": {
+ "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. ",
+ "maxLength": 256,
+ "minLength": 0,
+ "type": "string"
+ }
+ },
+ "required": [
+ "Key"
+ ],
+ "type": "object"
+ },
+ "Tags": {
+ "description": "An array of key-value pairs to apply to this resource.",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/Tag"
+ },
+ "maxItems": 50,
+ "type": "array",
+ "uniqueItems": true
+ }
+ },
+ "description": "Integration from a source AWS service to a Redshift cluster",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "redshift:CreateIntegration",
+ "redshift:DescribeIntegrations",
+ "redshift:CreateTags",
+ "redshift:DescribeTags",
+ "redshift:DescribeClusters",
+ "redshift:CreateInboundIntegration",
+ "redshift-serverless:ListNamespaces",
+ "kms:CreateGrant",
+ "kms:DescribeKey"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "redshift:DeleteTags",
+ "redshift:DeleteIntegration",
+ "redshift:DescribeIntegrations"
+ ]
+ },
+ "list": {
+ "permissions": [
+ "redshift:DescribeTags",
+ "redshift:DescribeIntegrations"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "redshift:DescribeIntegrations",
+ "redshift:DescribeTags"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "redshift:DescribeIntegrations",
+ "redshift:ModifyIntegration",
+ "redshift:CreateTags",
+ "redshift:DeleteTags",
+ "redshift:DescribeClusters",
+ "redshift:DescribeTags",
+ "redshift-serverless:ListNamespaces"
+ ]
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/IntegrationArn"
+ ],
+ "properties": {
+ "AdditionalEncryptionContext": {
+ "$ref": "#/definitions/EncryptionContextMap"
+ },
+ "CreateTime": {
+ "description": "The time (UTC) when the integration was created.",
+ "type": "string"
+ },
+ "IntegrationArn": {
+ "description": "The Amazon Resource Name (ARN) of the integration.",
+ "type": "string"
+ },
+ "IntegrationName": {
+ "description": "The name of the integration.",
+ "maxLength": 64,
+ "minLength": 1,
+ "type": "string"
+ },
+ "KMSKeyId": {
+ "description": "An KMS key identifier for the key to use to encrypt the integration. If you don't specify an encryption key, the default AWS owned KMS key is used.",
+ "type": "string"
+ },
+ "SourceArn": {
+ "description": "The Amazon Resource Name (ARN) of the database to use as the source for replication",
+ "type": "string"
+ },
+ "Tags": {
+ "description": "An array of key-value pairs to apply to this resource.",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/Tag"
+ },
+ "maxItems": 50,
+ "type": "array",
+ "uniqueItems": true
+ },
+ "TargetArn": {
+ "description": "The Amazon Resource Name (ARN) of the Redshift data warehouse to use as the target for replication",
+ "type": "string"
+ }
+ },
+ "propertyTransform": {
+ "/properties/KmsKeyId": "$join([\"arn:(aws)[-]{0,1}[a-z]{0,2}[-]{0,1}[a-z]{0,3}:kms:[a-z]{2}[-]{1}[a-z]{3,10}[-]{0,1}[a-z]{0,10}[-]{1}[1-3]{1}:[0-9]{12}[:]{1}key\\/\", KmsKeyId])"
+ },
+ "readOnlyProperties": [
+ "/properties/IntegrationArn",
+ "/properties/CreateTime"
+ ],
+ "required": [
+ "SourceArn",
+ "TargetArn"
+ ],
+ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git",
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "redshift:CreateTags",
+ "redshift:DeleteTags",
+ "redshift:DescribeTags"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
+ "typeName": "AWS::Redshift::Integration"
+}
diff --git a/schema/aws-redshiftserverless-namespace.json b/schema/aws-redshiftserverless-namespace.json
index 75f5f9a..e53f887 100644
--- a/schema/aws-redshiftserverless-namespace.json
+++ b/schema/aws-redshiftserverless-namespace.json
@@ -1,8 +1,7 @@
{
"additionalProperties": false,
"createOnlyProperties": [
- "/properties/NamespaceName",
- "/properties/Tags"
+ "/properties/NamespaceName"
],
"definitions": {
"LogExport": {
@@ -125,6 +124,7 @@
"handlers": {
"create": {
"permissions": [
+ "iam:CreateServiceLinkedRole",
"iam:PassRole",
"kms:TagResource",
"kms:UntagResource",
@@ -143,6 +143,8 @@
"redshift-serverless:GetNamespace",
"redshift-serverless:ListSnapshotCopyConfigurations",
"redshift-serverless:CreateSnapshotCopyConfiguration",
+ "redshift-serverless:ListTagsForResource",
+ "redshift-serverless:TagResource",
"redshift:GetResourcePolicy",
"redshift:PutResourcePolicy",
"secretsmanager:CreateSecret",
@@ -156,6 +158,8 @@
"iam:PassRole",
"redshift-serverless:DeleteNamespace",
"redshift-serverless:GetNamespace",
+ "redshift-serverless:ListTagsForResource",
+ "redshift-serverless:UntagResource",
"kms:RetireGrant",
"secretsmanager:DescribeSecret",
"secretsmanager:DeleteSecret",
@@ -165,13 +169,15 @@
"list": {
"permissions": [
"iam:PassRole",
- "redshift-serverless:ListNamespaces"
+ "redshift-serverless:ListNamespaces",
+ "redshift-serverless:ListTagsForResource"
]
},
"read": {
"permissions": [
"iam:PassRole",
"redshift-serverless:GetNamespace",
+ "redshift-serverless:ListTagsForResource",
"redshift:GetResourcePolicy",
"redshift-serverless:ListSnapshotCopyConfigurations"
]
@@ -198,6 +204,9 @@
"redshift-serverless:CreateSnapshotCopyConfiguration",
"redshift-serverless:UpdateSnapshotCopyConfiguration",
"redshift-serverless:DeleteSnapshotCopyConfiguration",
+ "redshift-serverless:ListTagsForResource",
+ "redshift-serverless:TagResource",
+ "redshift-serverless:UntagResource",
"redshift:GetResourcePolicy",
"redshift:PutResourcePolicy",
"redshift:DeleteResourcePolicy",
@@ -337,16 +346,22 @@
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-redshift-serverless",
"tagging": {
- "taggable": false
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "redshift-serverless:ListTagsForResource",
+ "redshift-serverless:TagResource",
+ "redshift-serverless:UntagResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
},
"typeName": "AWS::RedshiftServerless::Namespace",
"writeOnlyProperties": [
"/properties/AdminUserPassword",
"/properties/FinalSnapshotName",
"/properties/FinalSnapshotRetentionPeriod",
- "/properties/Tags",
- "/properties/Tags/*/Key",
- "/properties/Tags/*/Value",
"/properties/ManageAdminPassword",
"/properties/RedshiftIdcApplicationArn"
]
diff --git a/schema/aws-redshiftserverless-workgroup.json b/schema/aws-redshiftserverless-workgroup.json
index e1d05c1..43cafa8 100644
--- a/schema/aws-redshiftserverless-workgroup.json
+++ b/schema/aws-redshiftserverless-workgroup.json
@@ -58,6 +58,27 @@
},
"type": "object"
},
+ "PerformanceTarget": {
+ "additionalProperties": false,
+ "properties": {
+ "Level": {
+ "maximum": 100,
+ "minimum": 1,
+ "type": "integer"
+ },
+ "Status": {
+ "$ref": "#/definitions/PerformanceTargetStatus"
+ }
+ },
+ "type": "object"
+ },
+ "PerformanceTargetStatus": {
+ "enum": [
+ "ENABLED",
+ "DISABLED"
+ ],
+ "type": "string"
+ },
"Tag": {
"additionalProperties": false,
"properties": {
@@ -129,6 +150,9 @@
"pattern": "^[a-z0-9-]+$",
"type": "string"
},
+ "PricePerformanceTarget": {
+ "$ref": "#/definitions/PerformanceTarget"
+ },
"PubliclyAccessible": {
"type": "boolean"
},
@@ -155,6 +179,12 @@
},
"type": "array"
},
+ "TrackName": {
+ "maxLength": 256,
+ "minLength": 1,
+ "pattern": "^[a-zA-Z0-9_]+$",
+ "type": "string"
+ },
"WorkgroupArn": {
"type": "string"
},
@@ -194,7 +224,11 @@
"redshift-serverless:CreateNamespace",
"redshift-serverless:CreateWorkgroup",
"redshift-serverless:GetWorkgroup",
- "redshift-serverless:GetNamespace"
+ "redshift-serverless:GetNamespace",
+ "redshift-serverless:ListTagsForResource",
+ "redshift-serverless:TagResource",
+ "redshift-serverless:RestoreFromSnapshot",
+ "redshift-serverless:RestoreFromRecoveryPoint"
]
},
"delete": {
@@ -208,7 +242,9 @@
"ec2:DescribeAvailabilityZones",
"redshift-serverless:GetWorkgroup",
"redshift-serverless:GetNamespace",
- "redshift-serverless:DeleteWorkgroup"
+ "redshift-serverless:DeleteWorkgroup",
+ "redshift-serverless:ListTagsForResource",
+ "redshift-serverless:UntagResource"
]
},
"list": {
@@ -220,7 +256,8 @@
"ec2:DescribeSubnets",
"ec2:DescribeAccountAttributes",
"ec2:DescribeAvailabilityZones",
- "redshift-serverless:ListWorkgroups"
+ "redshift-serverless:ListWorkgroups",
+ "redshift-serverless:ListTagsForResource"
]
},
"read": {
@@ -232,7 +269,8 @@
"ec2:DescribeSubnets",
"ec2:DescribeAccountAttributes",
"ec2:DescribeAvailabilityZones",
- "redshift-serverless:GetWorkgroup"
+ "redshift-serverless:GetWorkgroup",
+ "redshift-serverless:ListTagsForResource"
]
},
"update": {
@@ -248,7 +286,12 @@
"redshift-serverless:TagResource",
"redshift-serverless:UntagResource",
"redshift-serverless:GetWorkgroup",
- "redshift-serverless:UpdateWorkgroup"
+ "redshift-serverless:UpdateWorkgroup",
+ "redshift-serverless:ListTagsForResource",
+ "redshift-serverless:TagResource",
+ "redshift-serverless:UntagResource",
+ "redshift-serverless:RestoreFromSnapshot",
+ "redshift-serverless:RestoreFromRecoveryPoint"
]
}
},
@@ -290,11 +333,20 @@
"description": "The custom port to use when connecting to a workgroup. Valid port ranges are 5431-5455 and 8191-8215. The default is 5439.",
"type": "integer"
},
+ "PricePerformanceTarget": {
+ "$ref": "#/definitions/PerformanceTarget",
+ "description": "A property that represents the price performance target settings for the workgroup.",
+ "type": "object"
+ },
"PubliclyAccessible": {
"default": false,
"description": "A value that specifies whether the workgroup can be accessible from a public network.",
"type": "boolean"
},
+ "RecoveryPointId": {
+ "description": "The recovery point id to restore from.",
+ "type": "string"
+ },
"SecurityGroupIds": {
"description": "A list of security group IDs to associate with the workgroup.",
"insertionOrder": false,
@@ -308,6 +360,18 @@
"minItems": 1,
"type": "array"
},
+ "SnapshotArn": {
+ "description": "The Amazon Resource Name (ARN) of the snapshot to restore from.",
+ "type": "string"
+ },
+ "SnapshotName": {
+ "description": "The snapshot name to restore from.",
+ "type": "string"
+ },
+ "SnapshotOwnerAccount": {
+ "description": "The Amazon Web Services account that owns the snapshot.",
+ "type": "string"
+ },
"SubnetIds": {
"description": "A list of subnet IDs the workgroup is associated with.",
"insertionOrder": false,
@@ -331,6 +395,12 @@
"minItems": 0,
"type": "array"
},
+ "TrackName": {
+ "maxLength": 256,
+ "minLength": 1,
+ "pattern": "^[a-zA-Z0-9_]+$",
+ "type": "string"
+ },
"Workgroup": {
"$ref": "#/definitions/Workgroup",
"description": "Definition for workgroup resource"
@@ -344,7 +414,6 @@
}
},
"readOnlyProperties": [
- "/properties/Workgroup",
"/properties/Workgroup/WorkgroupId",
"/properties/Workgroup/WorkgroupArn",
"/properties/Workgroup/WorkgroupName",
@@ -356,6 +425,7 @@
"/properties/Workgroup/ConfigParameters/*/ParameterValue",
"/properties/Workgroup/SecurityGroupIds",
"/properties/Workgroup/SubnetIds",
+ "/properties/Workgroup/TrackName",
"/properties/Workgroup/Status",
"/properties/Workgroup/Endpoint/Address",
"/properties/Workgroup/Endpoint/Port",
@@ -373,17 +443,25 @@
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-redshift-serverless",
"tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "redshift-serverless:ListTagsForResource",
+ "redshift-serverless:TagResource",
+ "redshift-serverless:UntagResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
"taggable": true
},
"typeName": "AWS::RedshiftServerless::Workgroup",
"writeOnlyProperties": [
- "/properties/BaseCapacity",
- "/properties/MaxCapacity",
"/properties/ConfigParameters",
"/properties/SecurityGroupIds",
"/properties/SubnetIds",
- "/properties/Tags",
- "/properties/Tags/*/Key",
- "/properties/Tags/*/Value"
+ "/properties/SnapshotArn",
+ "/properties/SnapshotName",
+ "/properties/SnapshotOwnerAccount",
+ "/properties/RecoveryPointId"
]
}
diff --git a/schema/aws-refactorspaces-application.json b/schema/aws-refactorspaces-application.json
index 963876c..6c216a2 100644
--- a/schema/aws-refactorspaces-application.json
+++ b/schema/aws-refactorspaces-application.json
@@ -82,10 +82,6 @@
"apigateway:POST",
"apigateway:PUT",
"apigateway:UpdateRestApiPolicy",
- "apigateway:Update*",
- "apigateway:Delete*",
- "apigateway:Get*",
- "apigateway:Put*",
"elasticloadbalancing:CreateLoadBalancer",
"elasticloadbalancing:DescribeLoadBalancers",
"elasticloadbalancing:DescribeTags",
@@ -107,10 +103,10 @@
"ec2:DeleteTags",
"ec2:RevokeSecurityGroupIngress",
"elasticloadbalancing:DeleteLoadBalancer",
- "apigateway:Update*",
- "apigateway:Delete*",
- "apigateway:Get*",
- "apigateway:Put*"
+ "apigateway:DELETE",
+ "apigateway:GET",
+ "apigateway:PUT",
+ "apigateway:UpdateRestApiPolicy"
]
},
"list": {
diff --git a/schema/aws-refactorspaces-environment.json b/schema/aws-refactorspaces-environment.json
index 53e4955..f966c1d 100644
--- a/schema/aws-refactorspaces-environment.json
+++ b/schema/aws-refactorspaces-environment.json
@@ -96,6 +96,13 @@
"refactor-spaces:GetEnvironment",
"refactor-spaces:ListTagsForResource"
]
+ },
+ "update": {
+ "permissions": [
+ "refactor-spaces:GetEnvironment",
+ "refactor-spaces:TagResource",
+ "refactor-spaces:UntagResource"
+ ]
}
},
"primaryIdentifier": [
@@ -149,11 +156,18 @@
"/properties/Arn",
"/properties/TransitGatewayId"
],
- "required": [
- "Name",
- "NetworkFabricType"
- ],
- "taggable": true,
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "refactor-spaces:TagResource",
+ "refactor-spaces:ListTagsForResource",
+ "refactor-spaces:UntagResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
"typeName": "AWS::RefactorSpaces::Environment",
"writeOnlyProperties": [
"/properties/Description",
diff --git a/schema/aws-refactorspaces-service.json b/schema/aws-refactorspaces-service.json
index a7335a3..d4d57ca 100644
--- a/schema/aws-refactorspaces-service.json
+++ b/schema/aws-refactorspaces-service.json
@@ -137,7 +137,7 @@
},
"read": {
"permissions": [
- "refactor-spacess:GetService",
+ "refactor-spaces:GetService",
"refactor-spaces:ListTagsForResource"
]
}
diff --git a/schema/aws-rekognition-collection.json b/schema/aws-rekognition-collection.json
index c8c9c2e..4d823b9 100644
--- a/schema/aws-rekognition-collection.json
+++ b/schema/aws-rekognition-collection.json
@@ -104,6 +104,17 @@
"CollectionId"
],
"sourceUrl": "https://docs.aws.amazon.com/rekognition/latest/dg/collections.html",
- "taggable": true,
+ "tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "rekognition:ListTagsForResource",
+ "rekognition:TagResource",
+ "rekognition:UntagResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
"typeName": "AWS::Rekognition::Collection"
}
diff --git a/schema/aws-rekognition-streamprocessor.json b/schema/aws-rekognition-streamprocessor.json
index 994c47b..107d0ab 100644
--- a/schema/aws-rekognition-streamprocessor.json
+++ b/schema/aws-rekognition-streamprocessor.json
@@ -390,6 +390,17 @@
"KinesisVideoStream"
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git",
- "taggable": true,
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "rekognition:TagResource",
+ "rekognition:UntagResource",
+ "rekognition:ListTagsForResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
"typeName": "AWS::Rekognition::StreamProcessor"
}
diff --git a/schema/aws-resiliencehub-app.json b/schema/aws-resiliencehub-app.json
index d4105b6..14c2706 100644
--- a/schema/aws-resiliencehub-app.json
+++ b/schema/aws-resiliencehub-app.json
@@ -164,7 +164,17 @@
"sns:GetTopicAttributes",
"route53:List*",
"iam:PassRole",
- "resiliencehub:*"
+ "resiliencehub:CreateApp",
+ "resiliencehub:DescribeApp",
+ "resiliencehub:DescribeAppVersionTemplate",
+ "resiliencehub:PutDraftAppVersionTemplate",
+ "resiliencehub:AddDraftAppVersionResourceMappings",
+ "resiliencehub:ListAppVersionResourceMappings",
+ "resiliencehub:ListAppVersions",
+ "resiliencehub:PublishAppVersion",
+ "resiliencehub:ListTagsForResource",
+ "resiliencehub:TagResource",
+ "resiliencehub:UntagResource"
]
},
"delete": {
@@ -209,7 +219,18 @@
"sns:GetTopicAttributes",
"route53:List*",
"iam:PassRole",
- "resiliencehub:*"
+ "resiliencehub:UpdateApp",
+ "resiliencehub:DescribeApp",
+ "resiliencehub:DescribeAppVersionTemplate",
+ "resiliencehub:PutDraftAppVersionTemplate",
+ "resiliencehub:AddDraftAppVersionResourceMappings",
+ "resiliencehub:RemoveDraftAppVersionResourceMappings",
+ "resiliencehub:ListAppVersionResourceMappings",
+ "resiliencehub:ListAppVersions",
+ "resiliencehub:PublishAppVersion",
+ "resiliencehub:ListTagsForResource",
+ "resiliencehub:TagResource",
+ "resiliencehub:UntagResource"
]
}
},
@@ -299,6 +320,11 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-resiliencehub",
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "resiliencehub:TagResource",
+ "resiliencehub:ListTagsForResource",
+ "resiliencehub:UntagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-resiliencehub-resiliencypolicy.json b/schema/aws-resiliencehub-resiliencypolicy.json
index e31a80d..a29ecd2 100644
--- a/schema/aws-resiliencehub-resiliencypolicy.json
+++ b/schema/aws-resiliencehub-resiliencypolicy.json
@@ -150,6 +150,11 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-resiliencehub",
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "resiliencehub:TagResource",
+ "resiliencehub:ListTagsForResource",
+ "resiliencehub:UntagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-resourceexplorer2-index.json b/schema/aws-resourceexplorer2-index.json
index 99ece59..d898bcd 100644
--- a/schema/aws-resourceexplorer2-index.json
+++ b/schema/aws-resourceexplorer2-index.json
@@ -93,6 +93,11 @@
],
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "resource-explorer-2:ListTagsForResource",
+ "resource-explorer-2:TagResource",
+ "resource-explorer-2:UntagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-resourceexplorer2-view.json b/schema/aws-resourceexplorer2-view.json
index 26e8c39..3f91d0d 100644
--- a/schema/aws-resourceexplorer2-view.json
+++ b/schema/aws-resourceexplorer2-view.json
@@ -112,6 +112,11 @@
],
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "resource-explorer-2:ListTagsForResource",
+ "resource-explorer-2:TagResource",
+ "resource-explorer-2:UntagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-resourcegroups-group.json b/schema/aws-resourcegroups-group.json
index 31a7592..4d940f1 100644
--- a/schema/aws-resourcegroups-group.json
+++ b/schema/aws-resourcegroups-group.json
@@ -202,7 +202,8 @@
"cloudFormationSystemTags": true,
"permissions": [
"resource-groups:Tag",
- "resource-groups:Untag"
+ "resource-groups:Untag",
+ "resource-groups:GetTags"
],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
diff --git a/schema/aws-resourcegroups-tagsynctask.json b/schema/aws-resourcegroups-tagsynctask.json
new file mode 100644
index 0000000..8c8bad2
--- /dev/null
+++ b/schema/aws-resourcegroups-tagsynctask.json
@@ -0,0 +1,120 @@
+{
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/Group",
+ "/properties/TagKey",
+ "/properties/TagValue",
+ "/properties/RoleArn"
+ ],
+ "description": "Schema for ResourceGroups::TagSyncTask",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "resource-groups:StartTagSyncTask",
+ "resource-groups:CreateGroup",
+ "iam:PassRole"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "resource-groups:CancelTagSyncTask",
+ "resource-groups:DeleteGroup"
+ ]
+ },
+ "list": {
+ "permissions": [
+ "resource-groups:ListTagSyncTasks"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "resource-groups:GetTagSyncTask"
+ ]
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/TaskArn"
+ ],
+ "properties": {
+ "Group": {
+ "description": "The Amazon resource name (ARN) or name of the application group for which you want to create a tag-sync task",
+ "maxLength": 1600,
+ "minLength": 12,
+ "pattern": "([a-zA-Z0-9_\\\\.-]{1,150}/[a-z0-9]{26})|(arn:aws(-[a-z]+)*:resource-groups(-(test|beta|gamma))?:[a-z]{2}(-[a-z]+)+-\\d{1}:[0-9]{12}:group/[a-zA-Z0-9_\\\\.-]{1,150}/[a-z0-9]{26})",
+ "type": "string"
+ },
+ "GroupArn": {
+ "description": "The Amazon resource name (ARN) of the ApplicationGroup for which the TagSyncTask is created",
+ "maxLength": 1600,
+ "minLength": 12,
+ "pattern": "arn:aws(-[a-z]+)*:resource-groups(-(test|beta|gamma))?:[a-z]{2}(-[a-z]+)+-\\d{1}:[0-9]{12}:group/[a-zA-Z0-9_\\.-]{1,150}/[a-z0-9]{26}",
+ "type": "string"
+ },
+ "GroupName": {
+ "description": "The Name of the application group for which the TagSyncTask is created",
+ "maxLength": 300,
+ "minLength": 1,
+ "pattern": "[a-zA-Z0-9_\\.-]{1,150}/[a-z0-9]{26}",
+ "type": "string"
+ },
+ "RoleArn": {
+ "description": "The Amazon resource name (ARN) of the role assumed by the service to tag and untag resources on your behalf.",
+ "maxLength": 2048,
+ "minLength": 20,
+ "pattern": "arn:(aws[a-zA-Z-]*)?:iam::\\d{12}:role/?[a-zA-Z_0-9+=,.@\\-_/]+",
+ "type": "string"
+ },
+ "Status": {
+ "description": "The status of the TagSyncTask",
+ "enum": [
+ "ACTIVE",
+ "ERROR"
+ ],
+ "type": "string"
+ },
+ "TagKey": {
+ "description": "The tag key. Resources tagged with this tag key-value pair will be added to the application. If a resource with this tag is later untagged, the tag-sync task removes the resource from the application.",
+ "maxLength": 128,
+ "minLength": 1,
+ "pattern": "^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-@]*)$",
+ "type": "string"
+ },
+ "TagValue": {
+ "description": "The tag value. Resources tagged with this tag key-value pair will be added to the application. If a resource with this tag is later untagged, the tag-sync task removes the resource from the application.",
+ "maxLength": 256,
+ "minLength": 0,
+ "pattern": "^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-@]*)$",
+ "type": "string"
+ },
+ "TaskArn": {
+ "description": "The ARN of the TagSyncTask resource",
+ "maxLength": 1600,
+ "minLength": 12,
+ "pattern": "arn:aws(-[a-z]+)*:resource-groups(-(test|beta|gamma))?:[a-z]{2}(-[a-z]+)+-\\d{1}:[0-9]{12}:group/[a-zA-Z0-9_\\.-]{1,150}/[a-z0-9]{26}/tag-sync-task/[a-z0-9]{26}",
+ "type": "string"
+ }
+ },
+ "propertyTransform": {
+ "/properties/Group": "$split(Group, \"/\")[1] & \"/\" & $split(Group, \"/\")[2] $OR Group"
+ },
+ "readOnlyProperties": [
+ "/properties/TaskArn",
+ "/properties/Status",
+ "/properties/GroupName",
+ "/properties/GroupArn"
+ ],
+ "required": [
+ "Group",
+ "TagKey",
+ "TagValue",
+ "RoleArn"
+ ],
+ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git",
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "tagOnCreate": false,
+ "tagUpdatable": false,
+ "taggable": false
+ },
+ "typeName": "AWS::ResourceGroups::TagSyncTask"
+}
diff --git a/schema/aws-rolesanywhere-crl.json b/schema/aws-rolesanywhere-crl.json
index 153de6a..3274bf4 100644
--- a/schema/aws-rolesanywhere-crl.json
+++ b/schema/aws-rolesanywhere-crl.json
@@ -27,8 +27,7 @@
"create": {
"permissions": [
"rolesanywhere:ImportCrl",
- "rolesanywhere:TagResource",
- "rolesanywhere:ListTagsForResource"
+ "rolesanywhere:TagResource"
]
},
"delete": {
@@ -98,6 +97,11 @@
],
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "rolesanywhere:UntagResource",
+ "rolesanywhere:TagResource",
+ "rolesanywhere:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-rolesanywhere-profile.json b/schema/aws-rolesanywhere-profile.json
index c1ed12b..d20423d 100644
--- a/schema/aws-rolesanywhere-profile.json
+++ b/schema/aws-rolesanywhere-profile.json
@@ -1,5 +1,8 @@
{
"additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/RequireInstanceProperties"
+ ],
"definitions": {
"AttributeMapping": {
"additionalProperties": false,
@@ -70,7 +73,6 @@
"iam:PassRole",
"rolesanywhere:CreateProfile",
"rolesanywhere:TagResource",
- "rolesanywhere:ListTagsForResource",
"rolesanywhere:PutAttributeMapping",
"rolesanywhere:DeleteAttributeMapping"
]
@@ -113,6 +115,9 @@
"/properties/ProfileId"
],
"properties": {
+ "AcceptRoleSessionName": {
+ "type": "boolean"
+ },
"AttributeMappings": {
"items": {
"$ref": "#/definitions/AttributeMapping"
@@ -176,10 +181,18 @@
],
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "rolesanywhere:UntagResource",
+ "rolesanywhere:TagResource",
+ "rolesanywhere:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
"taggable": true
},
- "typeName": "AWS::RolesAnywhere::Profile"
+ "typeName": "AWS::RolesAnywhere::Profile",
+ "writeOnlyProperties": [
+ "/properties/RequireInstanceProperties"
+ ]
}
diff --git a/schema/aws-rolesanywhere-trustanchor.json b/schema/aws-rolesanywhere-trustanchor.json
index f7480e2..e2f5f9e 100644
--- a/schema/aws-rolesanywhere-trustanchor.json
+++ b/schema/aws-rolesanywhere-trustanchor.json
@@ -115,8 +115,7 @@
"permissions": [
"iam:CreateServiceLinkedRole",
"rolesanywhere:CreateTrustAnchor",
- "rolesanywhere:TagResource",
- "rolesanywhere:ListTagsForResource"
+ "rolesanywhere:TagResource"
]
},
"delete": {
@@ -199,6 +198,11 @@
],
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "rolesanywhere:UntagResource",
+ "rolesanywhere:TagResource",
+ "rolesanywhere:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-route53-cidrcollection.json b/schema/aws-route53-cidrcollection.json
index becda42..0567d1f 100644
--- a/schema/aws-route53-cidrcollection.json
+++ b/schema/aws-route53-cidrcollection.json
@@ -30,7 +30,7 @@
"type": "object"
}
},
- "description": "Resource schema for AWS::Route53::CidrCollection.",
+ "description": "Resource Type definition for AWS::Route53::CidrCollection.",
"handlers": {
"create": {
"permissions": [
@@ -41,7 +41,8 @@
"delete": {
"permissions": [
"route53:DeleteCidrCollection",
- "route53:ChangeCidrCollection"
+ "route53:ChangeCidrCollection",
+ "route53:ListCidrBlocks"
]
},
"list": {
diff --git a/schema/aws-route53-hostedzone.json b/schema/aws-route53-hostedzone.json
index 407ac7a..8df7d31 100644
--- a/schema/aws-route53-hostedzone.json
+++ b/schema/aws-route53-hostedzone.json
@@ -103,7 +103,6 @@
"permissions": [
"route53:GetHostedZone",
"route53:ListHostedZones",
- "route53:ListHostedZonesByName",
"route53:ListQueryLoggingConfigs",
"route53:ListTagsForResource"
]
@@ -118,7 +117,9 @@
"update": {
"permissions": [
"route53:GetChange",
+ "route53:GetHostedZone",
"route53:ListTagsForResource",
+ "route53:ListQueryLoggingConfigs",
"route53:UpdateHostedZoneComment",
"route53:ChangeTagsForResource",
"route53:AssociateVPCWithHostedZone",
@@ -185,5 +186,16 @@
"/properties/NameServers"
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-route53.git",
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "route53:ChangeTagsForResource",
+ "route53:ListTagsForResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/HostedZoneTags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
"typeName": "AWS::Route53::HostedZone"
}
diff --git a/schema/aws-route53profiles-profile.json b/schema/aws-route53profiles-profile.json
index 99efd4e..0719580 100644
--- a/schema/aws-route53profiles-profile.json
+++ b/schema/aws-route53profiles-profile.json
@@ -41,7 +41,8 @@
"permissions": [
"route53profiles:DeleteProfile",
"route53profiles:GetProfile",
- "route53profiles:UntagResource"
+ "route53profiles:UntagResource",
+ "route53profiles:ListTagsForResource"
]
},
"list": {
@@ -109,13 +110,14 @@
],
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "route53profiles:TagResource",
+ "route53profiles:UntagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
"taggable": true
},
- "typeName": "AWS::Route53Profiles::Profile",
- "writeOnlyProperties": [
- "/properties/Tags"
- ]
+ "typeName": "AWS::Route53Profiles::Profile"
}
diff --git a/schema/aws-route53profiles-profileassociation.json b/schema/aws-route53profiles-profileassociation.json
index ee77b8d..6c276bf 100644
--- a/schema/aws-route53profiles-profileassociation.json
+++ b/schema/aws-route53profiles-profileassociation.json
@@ -36,14 +36,16 @@
"route53profiles:AssociateProfile",
"route53profiles:GetProfileAssociation",
"ec2:DescribeVpcs",
- "route53profiles:TagResource"
+ "route53profiles:TagResource",
+ "route53profiles:ListTagsForResource"
]
},
"delete": {
"permissions": [
"route53profiles:DisassociateProfile",
"route53profiles:GetProfileAssociation",
- "route53profiles:UntagResource"
+ "route53profiles:UntagResource",
+ "route53profiles:ListTagsForResource"
]
},
"list": {
@@ -72,7 +74,7 @@
],
"properties": {
"Arn": {
- "description": "The Amazon Resource Name (ARN) of the profile association.",
+ "description": "The Amazon Resource Name (ARN) of the profile association.",
"type": "string"
},
"Id": {
@@ -104,6 +106,7 @@
"readOnlyProperties": [
"/properties/Id"
],
+ "replacementStrategy": "delete_then_create",
"required": [
"ResourceId",
"ProfileId",
@@ -111,6 +114,10 @@
],
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "route53profiles:TagResource",
+ "route53profiles:UntagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
@@ -118,7 +125,6 @@
},
"typeName": "AWS::Route53Profiles::ProfileAssociation",
"writeOnlyProperties": [
- "/properties/Arn",
- "/properties/Tags"
+ "/properties/Arn"
]
}
diff --git a/schema/aws-route53recoverycontrol-cluster.json b/schema/aws-route53recoverycontrol-cluster.json
index 791f0a1..ad2e9a3 100644
--- a/schema/aws-route53recoverycontrol-cluster.json
+++ b/schema/aws-route53recoverycontrol-cluster.json
@@ -67,6 +67,13 @@
"route53-recovery-control-config:DescribeCluster",
"route53-recovery-control-config:ListTagsForResource"
]
+ },
+ "update": {
+ "permissions": [
+ "route53-recovery-control-config:DescribeCluster",
+ "route53-recovery-control-config:ListTagsForResource",
+ "route53-recovery-control-config:UpdateCluster"
+ ]
}
},
"primaryIdentifier": [
@@ -94,6 +101,14 @@
"minLength": 1,
"type": "string"
},
+ "NetworkType": {
+ "description": "Cluster supports IPv4 endpoints and Dual-stack IPv4 and IPv6 endpoints. NetworkType can be IPV4 or DUALSTACK.",
+ "enum": [
+ "IPV4",
+ "DUALSTACK"
+ ],
+ "type": "string"
+ },
"Status": {
"description": "Deployment status of a resource. Status can be one of the following: PENDING, DEPLOYED, PENDING_DELETION.",
"enum": [
@@ -124,13 +139,15 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-route53-recovery-control.git",
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "route53-recovery-control-config:TagResource",
+ "route53-recovery-control-config:UntagResource",
+ "route53-recovery-control-config:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": false,
"taggable": true
},
- "typeName": "AWS::Route53RecoveryControl::Cluster",
- "writeOnlyProperties": [
- "/properties/Tags"
- ]
+ "typeName": "AWS::Route53RecoveryControl::Cluster"
}
diff --git a/schema/aws-route53recoverycontrol-controlpanel.json b/schema/aws-route53recoverycontrol-controlpanel.json
index a7a1823..7ef5332 100644
--- a/schema/aws-route53recoverycontrol-controlpanel.json
+++ b/schema/aws-route53recoverycontrol-controlpanel.json
@@ -122,13 +122,15 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-route53-recovery-control.git",
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "route53-recovery-control-config:TagResource",
+ "route53-recovery-control-config:UntagResource",
+ "route53-recovery-control-config:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
"taggable": true
},
- "typeName": "AWS::Route53RecoveryControl::ControlPanel",
- "writeOnlyProperties": [
- "/properties/Tags"
- ]
+ "typeName": "AWS::Route53RecoveryControl::ControlPanel"
}
diff --git a/schema/aws-route53recoverycontrol-safetyrule.json b/schema/aws-route53recoverycontrol-safetyrule.json
index 36af023..ee401a6 100644
--- a/schema/aws-route53recoverycontrol-safetyrule.json
+++ b/schema/aws-route53recoverycontrol-safetyrule.json
@@ -238,13 +238,15 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-route53-recovery-control.git",
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "route53-recovery-control-config:TagResource",
+ "route53-recovery-control-config:UntagResource",
+ "route53-recovery-control-config:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
"taggable": true
},
- "typeName": "AWS::Route53RecoveryControl::SafetyRule",
- "writeOnlyProperties": [
- "/properties/Tags"
- ]
+ "typeName": "AWS::Route53RecoveryControl::SafetyRule"
}
diff --git a/schema/aws-route53recoveryreadiness-cell.json b/schema/aws-route53recoveryreadiness-cell.json
index 8e2eda8..d760023 100644
--- a/schema/aws-route53recoveryreadiness-cell.json
+++ b/schema/aws-route53recoveryreadiness-cell.json
@@ -106,6 +106,17 @@
"/properties/ParentReadinessScopes"
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-reoute53-recovery-readiness.git",
- "taggable": true,
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "route53-recovery-readiness:TagResource",
+ "route53-recovery-readiness:UntagResource",
+ "route53-recovery-readiness:ListTagsForResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
"typeName": "AWS::Route53RecoveryReadiness::Cell"
}
diff --git a/schema/aws-route53recoveryreadiness-readinesscheck.json b/schema/aws-route53recoveryreadiness-readinesscheck.json
index 84b4fc7..2ad4494 100644
--- a/schema/aws-route53recoveryreadiness-readinesscheck.json
+++ b/schema/aws-route53recoveryreadiness-readinesscheck.json
@@ -98,6 +98,17 @@
"/properties/ReadinessCheckArn"
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-route53-recovery-readiness.git",
- "taggable": true,
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "route53-recovery-readiness:TagResource",
+ "route53-recovery-readiness:UntagResource",
+ "route53-recovery-readiness:ListTagsForResources"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
"typeName": "AWS::Route53RecoveryReadiness::ReadinessCheck"
}
diff --git a/schema/aws-route53recoveryreadiness-recoverygroup.json b/schema/aws-route53recoveryreadiness-recoverygroup.json
index 746e6ee..22d64e2 100644
--- a/schema/aws-route53recoveryreadiness-recoverygroup.json
+++ b/schema/aws-route53recoveryreadiness-recoverygroup.json
@@ -101,6 +101,17 @@
"/properties/RecoveryGroupArn"
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-route53-recovery-readiness-readiness.git",
- "taggable": true,
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "route53-recovery-readiness:TagResource",
+ "route53-recovery-readiness:UntagResource",
+ "route53-recovery-readiness:ListTagsForResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
"typeName": "AWS::Route53RecoveryReadiness::RecoveryGroup"
}
diff --git a/schema/aws-route53recoveryreadiness-resourceset.json b/schema/aws-route53recoveryreadiness-resourceset.json
index 37526fa..983e982 100644
--- a/schema/aws-route53recoveryreadiness-resourceset.json
+++ b/schema/aws-route53recoveryreadiness-resourceset.json
@@ -213,6 +213,17 @@
"Resources"
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-route53-recovery-readiness.git",
- "taggable": true,
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "route53-recovery-readiness:TagResource",
+ "route53-recovery-readiness:UntagResource",
+ "route53-recovery-readiness:ListTagsForResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
"typeName": "AWS::Route53RecoveryReadiness::ResourceSet"
}
diff --git a/schema/aws-route53resolver-firewalldomainlist.json b/schema/aws-route53resolver-firewalldomainlist.json
index d983085..b1e662d 100644
--- a/schema/aws-route53resolver-firewalldomainlist.json
+++ b/schema/aws-route53resolver-firewalldomainlist.json
@@ -43,52 +43,42 @@
"handlers": {
"create": {
"permissions": [
- "route53resolver:*",
- "ec2:*",
- "logs:*",
- "iam:*",
- "lambda:*",
- "s3:*"
+ "route53resolver:CreateFirewallDomainList",
+ "route53resolver:GetFirewallDomainList",
+ "route53resolver:ImportFirewallDomains",
+ "route53resolver:UpdateFirewallDomains",
+ "route53resolver:TagResource",
+ "route53resolver:ListTagsForResource"
]
},
"delete": {
"permissions": [
- "route53resolver:*",
- "ec2:*",
- "logs:*",
- "iam:*",
- "lambda:*",
- "s3:*"
+ "route53resolver:GetFirewallDomainList",
+ "route53resolver:DeleteFirewallDomainList",
+ "route53resolver:UntagResource",
+ "route53resolver:ListTagsForResource"
]
},
"list": {
"permissions": [
- "route53resolver:*",
- "ec2:*",
- "logs:*",
- "iam:*",
- "lambda:*",
- "s3:*"
+ "route53resolver:ListFirewallDomainLists",
+ "route53resolver:ListTagsForResource"
]
},
"read": {
"permissions": [
- "route53resolver:*",
- "ec2:*",
- "logs:*",
- "iam:*",
- "lambda:*",
- "s3:*"
+ "route53resolver:GetFirewallDomainList",
+ "route53resolver:ListTagsForResource"
]
},
"update": {
"permissions": [
- "route53resolver:*",
- "ec2:*",
- "logs:*",
- "iam:*",
- "lambda:*",
- "s3:*"
+ "route53resolver:GetFirewallDomainList",
+ "route53resolver:ImportFirewallDomains",
+ "route53resolver:UpdateFirewallDomains",
+ "route53resolver:TagResource",
+ "route53resolver:UntagResource",
+ "route53resolver:ListTagsForResource"
]
}
},
@@ -192,6 +182,10 @@
],
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "route53resolver:TagResource",
+ "route53resolver:UntagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-route53resolver-firewallrulegroup.json b/schema/aws-route53resolver-firewallrulegroup.json
index 36e7973..8808672 100644
--- a/schema/aws-route53resolver-firewallrulegroup.json
+++ b/schema/aws-route53resolver-firewallrulegroup.json
@@ -45,6 +45,23 @@
],
"type": "string"
},
+ "ConfidenceThreshold": {
+ "description": "FirewallDomainRedirectionAction",
+ "enum": [
+ "LOW",
+ "MEDIUM",
+ "HIGH"
+ ],
+ "type": "string"
+ },
+ "DnsThreatProtection": {
+ "description": "FirewallDomainRedirectionAction",
+ "enum": [
+ "DGA",
+ "DNS_TUNNELING"
+ ],
+ "type": "string"
+ },
"FirewallDomainListId": {
"description": "ResourceId",
"maxLength": 64,
@@ -59,6 +76,12 @@
],
"type": "string"
},
+ "FirewallThreatProtectionId": {
+ "description": "ResourceId",
+ "maxLength": 64,
+ "minLength": 1,
+ "type": "string"
+ },
"Priority": {
"description": "Rule Priority",
"type": "integer"
@@ -71,7 +94,6 @@
}
},
"required": [
- "FirewallDomainListId",
"Priority",
"Action"
],
@@ -105,52 +127,48 @@
"handlers": {
"create": {
"permissions": [
- "route53resolver:*",
- "ec2:*",
- "logs:*",
- "iam:*",
- "lambda:*",
- "s3:*"
+ "route53resolver:CreateFirewallRuleGroup",
+ "route53resolver:GetFirewallRuleGroup",
+ "route53resolver:ListFirewallRules",
+ "route53resolver:CreateFirewallRule",
+ "route53resolver:DeleteFirewallRule",
+ "route53resolver:TagResource",
+ "route53resolver:ListTagsForResource"
]
},
"delete": {
"permissions": [
- "route53resolver:*",
- "ec2:*",
- "logs:*",
- "iam:*",
- "lambda:*",
- "s3:*"
+ "route53resolver:GetFirewallRuleGroup",
+ "route53resolver:DeleteFirewallRuleGroup",
+ "route53resolver:ListFirewallRules",
+ "route53resolver:DeleteFirewallRule",
+ "route53resolver:UntagResource",
+ "route53resolver:ListTagsForResource"
]
},
"list": {
"permissions": [
- "route53resolver:*",
- "ec2:*",
- "logs:*",
- "iam:*",
- "lambda:*",
- "s3:*"
+ "route53resolver:ListFirewallRuleGroups",
+ "route53resolver:ListTagsForResource"
]
},
"read": {
"permissions": [
- "route53resolver:*",
- "ec2:*",
- "logs:*",
- "iam:*",
- "lambda:*",
- "s3:*"
+ "route53resolver:GetFirewallRuleGroup",
+ "route53resolver:ListFirewallRules",
+ "route53resolver:ListTagsForResource"
]
},
"update": {
"permissions": [
- "route53resolver:*",
- "ec2:*",
- "logs:*",
- "iam:*",
- "lambda:*",
- "s3:*"
+ "route53resolver:GetFirewallRuleGroup",
+ "route53resolver:ListFirewallRules",
+ "route53resolver:CreateFirewallRule",
+ "route53resolver:UpdateFirewallRule",
+ "route53resolver:DeleteFirewallRule",
+ "route53resolver:TagResource",
+ "route53resolver:UntagResource",
+ "route53resolver:ListTagsForResource"
]
}
},
@@ -257,10 +275,15 @@
"/properties/ShareStatus",
"/properties/CreatorRequestId",
"/properties/CreationTime",
- "/properties/ModificationTime"
+ "/properties/ModificationTime",
+ "/properties/FirewallRules/*/FirewallThreatProtectionId"
],
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "route53resolver:TagResource",
+ "route53resolver:UntagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-route53resolver-firewallrulegroupassociation.json b/schema/aws-route53resolver-firewallrulegroupassociation.json
index a25cd76..0db1177 100644
--- a/schema/aws-route53resolver-firewallrulegroupassociation.json
+++ b/schema/aws-route53resolver-firewallrulegroupassociation.json
@@ -33,52 +33,40 @@
"handlers": {
"create": {
"permissions": [
- "route53resolver:*",
- "ec2:*",
- "logs:*",
- "iam:*",
- "lambda:*",
- "s3:*"
+ "route53resolver:AssociateFirewallRuleGroup",
+ "route53resolver:GetFirewallRuleGroupAssociation",
+ "route53resolver:TagResource",
+ "route53resolver:ListTagsForResource",
+ "ec2:DescribeVpcs"
]
},
"delete": {
"permissions": [
- "route53resolver:*",
- "ec2:*",
- "logs:*",
- "iam:*",
- "lambda:*",
- "s3:*"
+ "route53resolver:DisassociateFirewallRuleGroup",
+ "route53resolver:GetFirewallRuleGroupAssociation",
+ "route53resolver:UntagResource",
+ "route53resolver:ListTagsForResource"
]
},
"list": {
"permissions": [
- "route53resolver:*",
- "ec2:*",
- "logs:*",
- "iam:*",
- "lambda:*",
- "s3:*"
+ "route53resolver:ListFirewallRuleGroupAssociations",
+ "route53resolver:ListTagsForResource"
]
},
"read": {
"permissions": [
- "route53resolver:*",
- "ec2:*",
- "logs:*",
- "iam:*",
- "lambda:*",
- "s3:*"
+ "route53resolver:GetFirewallRuleGroupAssociation",
+ "route53resolver:ListTagsForResource"
]
},
"update": {
"permissions": [
- "route53resolver:*",
- "ec2:*",
- "logs:*",
- "iam:*",
- "lambda:*",
- "s3:*"
+ "route53resolver:UpdateFirewallRuleGroupAssociation",
+ "route53resolver:GetFirewallRuleGroupAssociation",
+ "route53resolver:TagResource",
+ "route53resolver:UntagResource",
+ "route53resolver:ListTagsForResource"
]
}
},
@@ -194,6 +182,10 @@
],
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "route53resolver:TagResource",
+ "route53resolver:UntagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-route53resolver-outpostresolver.json b/schema/aws-route53resolver-outpostresolver.json
index c2e4703..fd5f578 100644
--- a/schema/aws-route53resolver-outpostresolver.json
+++ b/schema/aws-route53resolver-outpostresolver.json
@@ -34,8 +34,10 @@
"permissions": [
"route53resolver:CreateOutpostResolver",
"route53resolver:GetOutpostResolver",
+ "route53resolver:ListOutpostResolvers",
"route53resolver:ListTagsForResource",
- "outposts:GetOutpost"
+ "outposts:GetOutpost",
+ "route53resolver:TagResource"
]
},
"delete": {
@@ -170,6 +172,10 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git",
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "route53resolver:TagResource",
+ "route53resolver:UntagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-route53resolver-resolverqueryloggingconfig.json b/schema/aws-route53resolver-resolverqueryloggingconfig.json
index b6dbbc5..e3f8ffc 100644
--- a/schema/aws-route53resolver-resolverqueryloggingconfig.json
+++ b/schema/aws-route53resolver-resolverqueryloggingconfig.json
@@ -2,8 +2,34 @@
"additionalProperties": false,
"createOnlyProperties": [
"/properties/Name",
- "/properties/DestinationArn"
+ "/properties/DestinationArn",
+ "/properties/Tags"
],
+ "definitions": {
+ "Tag": {
+ "additionalProperties": false,
+ "description": "A key-value pair to associate with a resource.",
+ "properties": {
+ "Key": {
+ "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.",
+ "maxLength": 128,
+ "minLength": 1,
+ "type": "string"
+ },
+ "Value": {
+ "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.",
+ "maxLength": 256,
+ "minLength": 0,
+ "type": "string"
+ }
+ },
+ "required": [
+ "Key",
+ "Value"
+ ],
+ "type": "object"
+ }
+ },
"description": "Resource schema for AWS::Route53Resolver::ResolverQueryLoggingConfig.",
"handlers": {
"create": {
@@ -20,7 +46,10 @@
"logs:PutResourcePolicy",
"logs:DescribeResourcePolicies",
"logs:DescribeLogGroups",
- "iam:CreateServiceLinkedRole"
+ "iam:CreateServiceLinkedRole",
+ "route53resolver:ListTagsForResource",
+ "route53resolver:TagResource",
+ "route53resolver:ListResolverQueryLogConfigs"
]
},
"delete": {
@@ -28,19 +57,24 @@
"resolverquerylogging:DeleteConfig",
"resolverquerylogging:ListConfig",
"route53resolver:DeleteResolverQueryLogConfig",
- "route53resolver:ListResolverQueryLogConfigs"
+ "route53resolver:ListResolverQueryLogConfigs",
+ "route53resolver:UntagResource",
+ "route53resolver:ListTagsForResource"
]
},
"list": {
"permissions": [
"resolverquerylogging:ListConfig",
- "route53resolver:ListResolverQueryLogConfigs"
+ "route53resolver:ListResolverQueryLogConfigs",
+ "route53resolver:ListTagsForResource"
]
},
"read": {
"permissions": [
"resolverquerylogging:GetConfig",
- "route53resolver:GetResolverQueryLogConfig"
+ "route53resolver:GetResolverQueryLogConfig",
+ "route53resolver:ListTagsForResource",
+ "route53resolver:ListResolverQueryLogConfigs"
]
}
},
@@ -113,6 +147,15 @@
"FAILED"
],
"type": "string"
+ },
+ "Tags": {
+ "description": "An array of key-value pairs to apply to this resource.",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/Tag"
+ },
+ "type": "array",
+ "uniqueItems": true
}
},
"readOnlyProperties": [
@@ -125,6 +168,16 @@
"/properties/CreationTime",
"/properties/Id"
],
- "taggable": false,
+ "tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "route53resolver:TagResource",
+ "route53resolver:UntagResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": false,
+ "taggable": true
+ },
"typeName": "AWS::Route53Resolver::ResolverQueryLoggingConfig"
}
diff --git a/schema/aws-route53resolver-resolverqueryloggingconfigassociation.json b/schema/aws-route53resolver-resolverqueryloggingconfigassociation.json
index aac1c0e..eb268fa 100644
--- a/schema/aws-route53resolver-resolverqueryloggingconfigassociation.json
+++ b/schema/aws-route53resolver-resolverqueryloggingconfigassociation.json
@@ -98,5 +98,8 @@
"/properties/CreationTime",
"/properties/Id"
],
+ "tagging": {
+ "taggable": false
+ },
"typeName": "AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation"
}
diff --git a/schema/aws-route53resolver-resolverrule.json b/schema/aws-route53resolver-resolverrule.json
index 7c23620..35f244f 100644
--- a/schema/aws-route53resolver-resolverrule.json
+++ b/schema/aws-route53resolver-resolverrule.json
@@ -53,6 +53,12 @@
"DoH"
],
"type": "string"
+ },
+ "ServerNameIndication": {
+ "description": "The SNI of the target name servers for DoH/DoH-FIPS outbound endpoints",
+ "maxLength": 255,
+ "minLength": 0,
+ "type": "string"
}
},
"type": "object"
@@ -130,7 +136,8 @@
"enum": [
"FORWARD",
"SYSTEM",
- "RECURSIVE"
+ "RECURSIVE",
+ "DELEGATE"
],
"type": "string"
},
@@ -161,12 +168,15 @@
"/properties/ResolverRuleId"
],
"required": [
- "DomainName",
"RuleType"
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-route53resolver.git",
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "route53resolver:TagResource",
+ "route53resolver:UntagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-route53resolver-resolverruleassociation.json b/schema/aws-route53resolver-resolverruleassociation.json
index 0c26a4d..0f7c3dc 100644
--- a/schema/aws-route53resolver-resolverruleassociation.json
+++ b/schema/aws-route53resolver-resolverruleassociation.json
@@ -22,7 +22,8 @@
},
"list": {
"permissions": [
- "route53resolver:ListResolverRuleAssociations"
+ "route53resolver:ListResolverRuleAssociations",
+ "ec2:DescribeVpcs"
]
},
"read": {
diff --git a/schema/aws-rum-appmonitor.json b/schema/aws-rum-appmonitor.json
index 92e1dd0..84d89ae 100644
--- a/schema/aws-rum-appmonitor.json
+++ b/schema/aws-rum-appmonitor.json
@@ -95,6 +95,36 @@
],
"type": "string"
},
+ "DeobfuscationConfiguration": {
+ "additionalProperties": false,
+ "description": "A structure that contains the configuration for how an app monitor can deobfuscate stack traces.",
+ "properties": {
+ "JavaScriptSourceMaps": {
+ "additionalProperties": false,
+ "description": "A structure that contains the configuration for how an app monitor can unminify JavaScript error stack traces using source maps.",
+ "properties": {
+ "S3Uri": {
+ "description": "The S3Uri of the bucket or folder that stores the source map files. It is required if status is ENABLED.",
+ "pattern": "^s3://[a-z0-9][-.a-z0-9]{1,61}(?:/[-!_*'().a-z0-9A-Z]+(?:/[-!_*'().a-z0-9A-Z]+)*)?/?$",
+ "type": "string"
+ },
+ "Status": {
+ "description": "Specifies whether JavaScript error stack traces should be unminified for this app monitor. The default is for JavaScript error stack trace unminification to be DISABLED",
+ "enum": [
+ "ENABLED",
+ "DISABLED"
+ ],
+ "type": "string"
+ }
+ },
+ "required": [
+ "Status"
+ ],
+ "type": "object"
+ }
+ },
+ "type": "object"
+ },
"FavoritePages": {
"description": "List of favorite pages",
"insertionOrder": false,
@@ -209,6 +239,26 @@
"minItems": 0,
"type": "array"
},
+ "ResourcePolicy": {
+ "additionalProperties": false,
+ "description": "A structure that defines resource policy attached to your app monitor.",
+ "properties": {
+ "PolicyDocument": {
+ "description": "The JSON to use as the resource policy. The document can be up to 4 KB in size. ",
+ "type": "string"
+ },
+ "PolicyRevisionId": {
+ "description": "A string value that you can use to conditionally update your policy. You can provide the revision ID of your existing policy to make mutating requests against that policy. \n\n When you assign a policy revision ID, then later requests about that policy will be rejected with an InvalidPolicyRevisionIdException error if they don't provide the correct current revision ID.",
+ "maxLength": 255,
+ "minLength": 1,
+ "type": "string"
+ }
+ },
+ "required": [
+ "PolicyDocument"
+ ],
+ "type": "object"
+ },
"Tag": {
"additionalProperties": false,
"description": "A key-value pair to associate with a resource.",
@@ -287,7 +337,9 @@
"rum:PutRumMetricsDestination",
"rum:BatchCreateRumMetricDefinitions",
"rum:ListRumMetricsDestinations",
- "rum:BatchGetRumMetricDefinitions"
+ "rum:BatchGetRumMetricDefinitions",
+ "rum:GetResourcePolicy",
+ "rum:PutResourcePolicy"
]
},
"delete": {
@@ -304,7 +356,10 @@
"rum:DeleteRumMetricsDestination",
"rum:BatchDeleteRumMetricDefinitions",
"rum:ListRumMetricsDestinations",
- "rum:BatchGetRumMetricDefinitions"
+ "rum:BatchGetRumMetricDefinitions",
+ "rum:GetResourcePolicy",
+ "rum:PutResourcePolicy",
+ "rum:DeleteResourcePolicy"
]
},
"list": {
@@ -331,7 +386,8 @@
"s3:GetObjectAcl",
"rum:ListTagsForResource",
"rum:ListRumMetricsDestinations",
- "rum:BatchGetRumMetricDefinitions"
+ "rum:BatchGetRumMetricDefinitions",
+ "rum:GetResourcePolicy"
]
},
"update": {
@@ -366,10 +422,25 @@
"rum:BatchCreateRumMetricDefinitions",
"rum:BatchDeleteRumMetricDefinitions",
"rum:BatchGetRumMetricDefinitions",
- "rum:UpdateRumMetricDefinition"
+ "rum:UpdateRumMetricDefinition",
+ "rum:GetResourcePolicy",
+ "rum:PutResourcePolicy",
+ "rum:DeleteResourcePolicy"
]
}
},
+ "oneOf": [
+ {
+ "required": [
+ "Domain"
+ ]
+ },
+ {
+ "required": [
+ "DomainList"
+ ]
+ }
+ ],
"primaryIdentifier": [
"/properties/Name"
],
@@ -384,13 +455,28 @@
"description": "Data collected by RUM is kept by RUM for 30 days and then deleted. This parameter specifies whether RUM sends a copy of this telemetry data to CWLlong in your account. This enables you to keep the telemetry data for more than 30 days, but it does incur CWLlong charges. If you omit this parameter, the default is false",
"type": "boolean"
},
+ "DeobfuscationConfiguration": {
+ "$ref": "#/definitions/DeobfuscationConfiguration"
+ },
"Domain": {
- "description": "The top-level internet domain name for which your application has administrative authority.",
+ "description": "The top-level internet domain name for which your application has administrative authority. The CreateAppMonitor requires either the domain or the domain list.",
"maxLength": 253,
"minLength": 1,
"pattern": "^(localhost)|^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$|^(?![-.])([A-Za-z0-9-\\.\\-]{0,63})((?![-])([a-zA-Z0-9]{1}|^[a-zA-Z0-9]{0,1}))\\.(?![-])[A-Za-z-0-9]{1,63}((?![-])([a-zA-Z0-9]{1}|^[a-zA-Z0-9]{0,1}))|^(\\*\\.)(?![-.])([A-Za-z0-9-\\.\\-]{0,63})((?![-])([a-zA-Z0-9]{1}|^[a-zA-Z0-9]{0,1}))\\.(?![-])[A-Za-z-0-9]{1,63}((?![-])([a-zA-Z0-9]{1}|^[a-zA-Z0-9]{0,1}))",
"type": "string"
},
+ "DomainList": {
+ "description": "The top-level internet domain names for which your application has administrative authority. The CreateAppMonitor requires either the domain or the domain list.",
+ "items": {
+ "maxLength": 253,
+ "minLength": 1,
+ "pattern": "^(localhost)|^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$|^(?![-.])([A-Za-z0-9-\\.\\-]{0,63})((?![-])([a-zA-Z0-9]{1}|^[a-zA-Z0-9]{0,1}))\\.(?![-])[A-Za-z-0-9]{1,63}((?![-])([a-zA-Z0-9]{1}|^[a-zA-Z0-9]{0,1}))|^(\\*\\.)(?![-.])([A-Za-z0-9-\\.\\-]{0,63})((?![-])([a-zA-Z0-9]{1}|^[a-zA-Z0-9]{0,1}))\\.(?![-])[A-Za-z-0-9]{1,63}((?![-])([a-zA-Z0-9]{1}|^[a-zA-Z0-9]{0,1}))",
+ "type": "string"
+ },
+ "maxItems": 5,
+ "minItems": 1,
+ "type": "array"
+ },
"Id": {
"description": "The unique ID of the new app monitor.",
"maxLength": 36,
@@ -405,6 +491,9 @@
"pattern": "[\\.\\-_/#A-Za-z0-9]+",
"type": "string"
},
+ "ResourcePolicy": {
+ "$ref": "#/definitions/ResourcePolicy"
+ },
"Tags": {
"$ref": "#/definitions/TagDef"
}
@@ -413,11 +502,19 @@
"/properties/Id"
],
"required": [
- "Name",
- "Domain"
+ "Name"
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git",
"tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "rum:UntagResource",
+ "rum:TagResource",
+ "rum:ListTagsForResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
"taggable": true
},
"typeName": "AWS::RUM::AppMonitor"
diff --git a/schema/aws-s3-accessgrant.json b/schema/aws-s3-accessgrant.json
index 7c53df6..daee0fd 100644
--- a/schema/aws-s3-accessgrant.json
+++ b/schema/aws-s3-accessgrant.json
@@ -82,12 +82,14 @@
},
"read": {
"permissions": [
- "s3:GetAccessGrant"
+ "s3:GetAccessGrant",
+ "s3:ListTagsForResource"
]
},
"update": {
"permissions": [
- "s3:TagResource"
+ "s3:TagResource",
+ "s3:UntagResource"
]
}
},
@@ -167,8 +169,14 @@
"Permission",
"AccessGrantsLocationId"
],
- "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-s3",
+ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git",
"tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "s3:UntagResource",
+ "s3:TagResource",
+ "s3:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
@@ -176,7 +184,6 @@
},
"typeName": "AWS::S3::AccessGrant",
"writeOnlyProperties": [
- "/properties/Tags",
"/properties/S3PrefixType"
]
}
diff --git a/schema/aws-s3-accessgrantsinstance.json b/schema/aws-s3-accessgrantsinstance.json
index c3b1e44..004684e 100644
--- a/schema/aws-s3-accessgrantsinstance.json
+++ b/schema/aws-s3-accessgrantsinstance.json
@@ -34,12 +34,15 @@
"create": {
"permissions": [
"s3:CreateAccessGrantsInstance",
+ "s3:AssociateAccessGrantsIdentityCenter",
"s3:TagResource"
]
},
"delete": {
"permissions": [
- "s3:DeleteAccessGrantsInstance"
+ "s3:GetAccessGrantsInstance",
+ "s3:DeleteAccessGrantsInstance",
+ "s3:DissociateAccessGrantsIdentityCenter"
]
},
"list": {
@@ -49,12 +52,14 @@
},
"read": {
"permissions": [
- "s3:GetAccessGrantsInstance"
+ "s3:GetAccessGrantsInstance",
+ "s3:ListTagsForResource"
]
},
"update": {
"permissions": [
- "s3:TagResource"
+ "s3:TagResource",
+ "s3:UntagResource"
]
}
},
@@ -96,13 +101,16 @@
"required": [],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-s3",
"tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "s3:UntagResource",
+ "s3:TagResource",
+ "s3:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
"taggable": true
},
- "typeName": "AWS::S3::AccessGrantsInstance",
- "writeOnlyProperties": [
- "/properties/Tags"
- ]
+ "typeName": "AWS::S3::AccessGrantsInstance"
}
diff --git a/schema/aws-s3-accessgrantslocation.json b/schema/aws-s3-accessgrantslocation.json
index 4caa530..c1e63aa 100644
--- a/schema/aws-s3-accessgrantslocation.json
+++ b/schema/aws-s3-accessgrantslocation.json
@@ -42,13 +42,15 @@
},
"read": {
"permissions": [
- "s3:GetAccessGrantsLocation"
+ "s3:GetAccessGrantsLocation",
+ "s3:ListTagsForResource"
]
},
"update": {
"permissions": [
"s3:UpdateAccessGrantsLocation",
"s3:TagResource",
+ "s3:UntagResource",
"iam:PassRole"
]
}
@@ -98,13 +100,16 @@
"required": [],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-s3",
"tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "s3:UntagResource",
+ "s3:TagResource",
+ "s3:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
"taggable": true
},
- "typeName": "AWS::S3::AccessGrantsLocation",
- "writeOnlyProperties": [
- "/properties/Tags"
- ]
+ "typeName": "AWS::S3::AccessGrantsLocation"
}
diff --git a/schema/aws-s3-accesspoint.json b/schema/aws-s3-accesspoint.json
index 9aaf316..da63f95 100644
--- a/schema/aws-s3-accesspoint.json
+++ b/schema/aws-s3-accesspoint.json
@@ -51,6 +51,7 @@
"permissions": [
"s3:CreateAccessPoint",
"s3:PutAccessPointPolicy",
+ "s3:GetAccessPoint",
"s3:PutAccessPointPublicAccessBlock"
]
},
@@ -148,5 +149,8 @@
"Bucket"
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-s3",
+ "tagging": {
+ "taggable": false
+ },
"typeName": "AWS::S3::AccessPoint"
}
diff --git a/schema/aws-s3-bucket.json b/schema/aws-s3-bucket.json
index 398137d..1f1e629 100644
--- a/schema/aws-s3-bucket.json
+++ b/schema/aws-s3-bucket.json
@@ -283,7 +283,7 @@
},
"EncryptionConfiguration": {
"additionalProperties": false,
- "description": "Specifies encryption-related information for an Amazon S3 bucket that is a destination for replicated objects.",
+ "description": "Specifies encryption-related information for an Amazon S3 bucket that is a destination for replicated objects.\n If you're specifying a customer managed KMS key, we recommend using a fully qualified KMS key ARN. If you use a KMS key alias instead, then KMS resolves the key within the requester\u2019s account. This behavior can result in data that's encrypted with a KMS key that belongs to the requester, and not the bucket owner.",
"properties": {
"ReplicaKmsKeyID": {
"description": "Specifies the ID (Key ARN or Alias ARN) of the customer managed AWS KMS key stored in AWS Key Management Service (KMS) for the destination bucket. Amazon S3 uses this key to encrypt replica objects. Amazon S3 only supports symmetric encryption KMS keys. For more information, see [Asymmetric keys in KMS](https://docs.aws.amazon.com//kms/latest/developerguide/symmetric-asymmetric.html) in the *Key Management Service Developer Guide*.",
@@ -483,6 +483,14 @@
},
"type": "array",
"uniqueItems": true
+ },
+ "TransitionDefaultMinimumObjectSize": {
+ "description": "Indicates which default minimum object size behavior is applied to the lifecycle configuration.\n This parameter applies to general purpose buckets only. It isn't supported for directory bucket lifecycle configurations.\n + ``all_storage_classes_128K`` - Objects smaller than 128 KB will not transition to any storage class by default.\n + ``varies_by_storage_class`` - Objects smaller than 128 KB will transition to Glacier Flexible Retrieval or Glacier Deep Archive storage classes. By default, all other storage classes will prevent transitions smaller than 128 KB. \n \n To customize the minimum object size for any transition you can add a filter that specifies a custom ``ObjectSizeGreaterThan`` or ``ObjectSizeLessThan`` in the body of your transition rule. Custom filters always take precedence over the default transition behavior.",
+ "enum": [
+ "varies_by_storage_class",
+ "all_storage_classes_128K"
+ ],
+ "type": "string"
}
},
"required": [
@@ -509,6 +517,20 @@
},
"type": "object"
},
+ "MetadataTableConfiguration": {
+ "additionalProperties": false,
+ "description": "The metadata table configuration of an S3 general purpose bucket. For more information, see [Accelerating data discovery with S3 Metadata](https://docs.aws.amazon.com/AmazonS3/latest/userguide/metadata-tables-overview.html) and [Setting up permissions for configuring metadata tables](https://docs.aws.amazon.com/AmazonS3/latest/userguide/metadata-tables-permissions.html).",
+ "properties": {
+ "S3TablesDestination": {
+ "$ref": "#/definitions/S3TablesDestination",
+ "description": "The destination information for the metadata table configuration. The destination table bucket must be in the same Region and AWS-account as the general purpose bucket. The specified metadata table name must be unique within the ``aws_s3_metadata`` namespace in the destination table bucket."
+ }
+ },
+ "required": [
+ "S3TablesDestination"
+ ],
+ "type": "object"
+ },
"Metrics": {
"additionalProperties": false,
"description": "A container specifying replication metrics-related settings enabling replication metrics and events.",
@@ -731,7 +753,7 @@
"description": "Amazon S3 keys for log objects are partitioned in the following format:\n ``[DestinationPrefix][SourceAccountId]/[SourceRegion]/[SourceBucket]/[YYYY]/[MM]/[DD]/[YYYY]-[MM]-[DD]-[hh]-[mm]-[ss]-[UniqueString]`` \n PartitionedPrefix defaults to EventTime delivery when server access logs are delivered.",
"properties": {
"PartitionDateSource": {
- "description": "Specifies the partition date source for the partitioned prefix. PartitionDateSource can be EventTime or DeliveryTime.",
+ "description": "Specifies the partition date source for the partitioned prefix. ``PartitionDateSource`` can be ``EventTime`` or ``DeliveryTime``.\n For ``DeliveryTime``, the time in the log file names corresponds to the delivery time for the log files. \n For ``EventTime``, The logs delivered are for a specific day only. The year, month, and day correspond to the day on which the event occurred, and the hour, minutes and seconds are set to 00 in the key.",
"enum": [
"EventTime",
"DeliveryTime"
@@ -1207,36 +1229,43 @@
],
"type": "object"
},
+ "S3TablesDestination": {
+ "additionalProperties": false,
+ "description": "The destination information for the metadata table configuration. The destination table bucket must be in the same Region and AWS-account as the general purpose bucket. The specified metadata table name must be unique within the ``aws_s3_metadata`` namespace in the destination table bucket.",
+ "properties": {
+ "TableArn": {
+ "description": "The Amazon Resource Name (ARN) for the metadata table in the metadata table configuration. The specified metadata table name must be unique within the ``aws_s3_metadata`` namespace in the destination table bucket.",
+ "type": "string"
+ },
+ "TableBucketArn": {
+ "description": "The Amazon Resource Name (ARN) for the table bucket that's specified as the destination in the metadata table configuration. The destination table bucket must be in the same Region and AWS-account as the general purpose bucket.",
+ "type": "string"
+ },
+ "TableName": {
+ "description": "The name for the metadata table in your metadata table configuration. The specified metadata table name must be unique within the ``aws_s3_metadata`` namespace in the destination table bucket.",
+ "type": "string"
+ },
+ "TableNamespace": {
+ "description": "The table bucket namespace for the metadata table in your metadata table configuration. This value is always ``aws_s3_metadata``.",
+ "type": "string"
+ }
+ },
+ "required": [
+ "TableBucketArn",
+ "TableName"
+ ],
+ "type": "object"
+ },
"ServerSideEncryptionByDefault": {
"additionalProperties": false,
- "description": "Describes the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied. If you don't specify a customer managed key at configuration, Amazon S3 automatically creates an AWS KMS key in your AWS account the first time that you add an object encrypted with SSE-KMS to a bucket. By default, Amazon S3 uses this KMS key for SSE-KMS. For more information, see [PUT Bucket encryption](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTencryption.html) in the *Amazon S3 API Reference*.",
+ "description": "Describes the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied. For more information, see [PutBucketEncryption](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTencryption.html).\n + *General purpose buckets* - If you don't specify a customer managed key at configuration, Amazon S3 automatically creates an AWS KMS key (``aws/s3``) in your AWS account the first time that you add an object encrypted with SSE-KMS to a bucket. By default, Amazon S3 uses this KMS key for SSE-KMS. \n + *Directory buckets* - Your SSE-KMS configuration can only support 1 [customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk) per directory bucket's lifetime. The [managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk) (``aws/s3``) isn't supported. \n + *Directory buckets* - For directory buckets, there are only two supported options for server-side encryption: SSE-S3 and SSE-KMS.",
"properties": {
"KMSMasterKeyID": {
- "anyOf": [
- {
- "relationshipRef": {
- "propertyPath": "/properties/KeyId",
- "typeName": "AWS::KMS::Key"
- }
- },
- {
- "relationshipRef": {
- "propertyPath": "/properties/Arn",
- "typeName": "AWS::KMS::Key"
- }
- },
- {
- "relationshipRef": {
- "propertyPath": "/properties/AliasName",
- "typeName": "AWS::KMS::Alias"
- }
- }
- ],
- "description": "AWS Key Management Service (KMS) customer AWS KMS key ID to use for the default encryption. This parameter is allowed if and only if ``SSEAlgorithm`` is set to ``aws:kms`` or ``aws:kms:dsse``.\n You can specify the key ID, key alias, or the Amazon Resource Name (ARN) of the KMS key.\n + Key ID: ``1234abcd-12ab-34cd-56ef-1234567890ab`` \n + Key ARN: ``arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`` \n + Key Alias: ``alias/alias-name`` \n \n If you use a key ID, you can run into a LogDestination undeliverable error when creating a VPC flow log. \n If you are using encryption with cross-account or AWS service operations you must use a fully qualified KMS key ARN. For more information, see [Using encryption for cross-account operations](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html#bucket-encryption-update-bucket-policy).\n Amazon S3 only supports symmetric encryption KMS keys. For more information, see [Asymmetric keys in KMS](https://docs.aws.amazon.com//kms/latest/developerguide/symmetric-asymmetric.html) in the *Key Management Service Developer Guide*.",
+ "description": "AWS Key Management Service (KMS) customer managed key ID to use for the default encryption. \n + *General purpose buckets* - This parameter is allowed if and only if ``SSEAlgorithm`` is set to ``aws:kms`` or ``aws:kms:dsse``.\n + *Directory buckets* - This parameter is allowed if and only if ``SSEAlgorithm`` is set to ``aws:kms``.\n \n You can specify the key ID, key alias, or the Amazon Resource Name (ARN) of the KMS key.\n + Key ID: ``1234abcd-12ab-34cd-56ef-1234567890ab`` \n + Key ARN: ``arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`` \n + Key Alias: ``alias/alias-name`` \n \n If you are using encryption with cross-account or AWS service operations, you must use a fully qualified KMS key ARN. For more information, see [Using encryption for cross-account operations](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html#bucket-encryption-update-bucket-policy).\n + *General purpose buckets* - If you're specifying a customer managed KMS key, we recommend using a fully qualified KMS key ARN. If you use a KMS key alias instead, then KMS resolves the key within the requester\u2019s account. This behavior can result in data that's encrypted with a KMS key that belongs to the requester, and not the bucket owner. Also, if you use a key ID, you can run into a LogDestination undeliverable error when creating a VPC flow log. \n + *Directory buckets* - When you specify an [customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk) for encryption in your directory bucket, only use the key ID or key ARN. The key alias format of the KMS key isn't supported.\n \n Amazon S3 only supports symmetric encryption KMS keys. For more information, see [Asymmetric keys in KMS](https://docs.aws.amazon.com//kms/latest/developerguide/symmetric-asymmetric.html) in the *Key Management Service Developer Guide*.",
"type": "string"
},
"SSEAlgorithm": {
- "description": "Server-side encryption algorithm to use for the default encryption.",
+ "description": "Server-side encryption algorithm to use for the default encryption.\n For directory buckets, there are only two supported values for server-side encryption: ``AES256`` and ``aws:kms``.",
"enum": [
"aws:kms",
"AES256",
@@ -1252,7 +1281,7 @@
},
"ServerSideEncryptionRule": {
"additionalProperties": false,
- "description": "Specifies the default server-side encryption configuration.",
+ "description": "Specifies the default server-side encryption configuration.\n + *General purpose buckets* - If you're specifying a customer managed KMS key, we recommend using a fully qualified KMS key ARN. If you use a KMS key alias instead, then KMS resolves the key within the requester\u2019s account. This behavior can result in data that's encrypted with a KMS key that belongs to the requester, and not the bucket owner.\n + *Directory buckets* - When you specify an [customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk) for encryption in your directory bucket, only use the key ID or key ARN. The key alias format of the KMS key isn't supported.",
"properties": {
"BucketKeyEnabled": {
"description": "Specifies whether Amazon S3 should use an S3 Bucket Key with server-side encryption using KMS (SSE-KMS) for new objects in the bucket. Existing objects are not affected. Setting the ``BucketKeyEnabled`` element to ``true`` causes Amazon S3 to use an S3 Bucket Key. By default, S3 Bucket Key is not enabled.\n For more information, see [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) in the *Amazon S3 User Guide*.",
@@ -1333,7 +1362,7 @@
},
"TagFilter": {
"additionalProperties": false,
- "description": "Specifies tags to use to identify a subset of objects for an Amazon S3 bucket.",
+ "description": "Specifies tags to use to identify a subset of objects for an Amazon S3 bucket. For more information, see [Categorizing your storage using tags](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-tagging.html) in the *Amazon Simple Storage Service User Guide*.",
"properties": {
"Key": {
"description": "The tag key.",
@@ -1448,7 +1477,7 @@
"description": "Indicates when objects are transitioned to the specified storage class. The date value must be in ISO 8601 format. The time is always midnight UTC."
},
"TransitionInDays": {
- "description": "Indicates the number of days after creation when objects are transitioned to the specified storage class. The value must be a positive integer.",
+ "description": "Indicates the number of days after creation when objects are transitioned to the specified storage class. If the specified storage class is ``INTELLIGENT_TIERING``, ``GLACIER_IR``, ``GLACIER``, or ``DEEP_ARCHIVE``, valid values are ``0`` or positive integers. If the specified storage class is ``STANDARD_IA`` or ``ONEZONE_IA``, valid values are positive integers greater than ``30``. Be aware that some storage classes have a minimum storage duration and that you're charged for transitioning objects before their minimum storage duration. For more information, see [Constraints and considerations for transitions](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-transition-general-considerations.html#lifecycle-configuration-constraints) in the *Amazon S3 User Guide*.",
"type": "integer"
}
},
@@ -1459,7 +1488,7 @@
},
"VersioningConfiguration": {
"additionalProperties": false,
- "description": "Describes the versioning state of an Amazon S3 bucket. For more information, see [PUT Bucket versioning](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTVersioningStatus.html) in the *Amazon S3 API Reference*.",
+ "description": "Describes the versioning state of an Amazon S3 bucket. For more information, see [PUT Bucket versioning](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTVersioningStatus.html) in the *Amazon S3 API Reference*.\n When you enable versioning on a bucket for the first time, it might take a short amount of time for the change to be fully propagated. We recommend that you wait for 15 minutes after enabling versioning before issuing write operations (``PUT`` or ``DELETE``) on objects in the bucket.",
"properties": {
"Status": {
"default": "Suspended",
@@ -1537,7 +1566,15 @@
"s3:PutBucketVersioning",
"s3:PutObjectLockConfiguration",
"s3:PutBucketOwnershipControls",
- "s3:PutIntelligentTieringConfiguration"
+ "s3:PutIntelligentTieringConfiguration",
+ "s3:GetBucketMetadataTableConfiguration",
+ "s3:CreateBucketMetadataTableConfiguration",
+ "s3tables:CreateNamespace",
+ "s3tables:CreateTable",
+ "s3tables:GetTable",
+ "s3tables:PutTablePolicy",
+ "s3tables:GetTableMetadataLocation",
+ "s3tables:UpdateTableMetadataLocation"
]
},
"delete": {
@@ -1571,6 +1608,7 @@
"s3:GetBucketTagging",
"s3:GetBucketOwnershipControls",
"s3:GetIntelligentTieringConfiguration",
+ "s3:GetBucketMetadataTableConfiguration",
"s3:ListBucket"
]
},
@@ -1588,6 +1626,15 @@
"s3:PutBucketReplication",
"s3:PutBucketWebsite",
"s3:PutAccelerateConfiguration",
+ "s3:GetBucketMetadataTableConfiguration",
+ "s3:DeleteBucketMetadataTableConfiguration",
+ "s3:CreateBucketMetadataTableConfiguration",
+ "s3tables:CreateNamespace",
+ "s3tables:CreateTable",
+ "s3tables:GetTable",
+ "s3tables:PutTablePolicy",
+ "s3tables:GetTableMetadataLocation",
+ "s3tables:UpdateTableMetadataLocation",
"s3:PutBucketPublicAccessBlock",
"s3:PutReplicationConfiguration",
"s3:PutBucketOwnershipControls",
@@ -1651,7 +1698,7 @@
"description": "Specifies default encryption for a bucket using server-side encryption with Amazon S3-managed keys (SSE-S3), AWS KMS-managed keys (SSE-KMS), or dual-layer server-side encryption with KMS-managed keys (DSSE-KMS). For information about the Amazon S3 default encryption feature, see [Amazon S3 Default Encryption for S3 Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) in the *Amazon S3 User Guide*."
},
"BucketName": {
- "description": "A name for the bucket. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. The bucket name must contain only lowercase letters, numbers, periods (.), and dashes (-) and must follow [Amazon S3 bucket restrictions and limitations](https://docs.aws.amazon.com/AmazonS3/latest/dev/BucketRestrictions.html). For more information, see [Rules for naming Amazon S3 buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/BucketRestrictions.html#bucketnamingrules) in the *Amazon S3 User Guide*. \n If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.",
+ "description": "A name for the bucket. If you don't specify a name, AWS CloudFormation generates a unique ID and uses that ID for the bucket name. The bucket name must contain only lowercase letters, numbers, periods (.), and dashes (-) and must follow [Amazon S3 bucket restrictions and limitations](https://docs.aws.amazon.com/AmazonS3/latest/dev/BucketRestrictions.html). For more information, see [Rules for naming Amazon S3 buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html) in the *Amazon S3 User Guide*. \n If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you need to replace the resource, specify a new name.",
"type": "string"
},
"CorsConfiguration": {
@@ -1698,6 +1745,10 @@
"$ref": "#/definitions/LoggingConfiguration",
"description": "Settings that define where logs are stored."
},
+ "MetadataTableConfiguration": {
+ "$ref": "#/definitions/MetadataTableConfiguration",
+ "description": "The metadata table configuration of an S3 general purpose bucket. For more information, see [Accelerating data discovery with S3 Metadata](https://docs.aws.amazon.com/AmazonS3/latest/userguide/metadata-tables-overview.html) and [Setting up permissions for configuring metadata tables](https://docs.aws.amazon.com/AmazonS3/latest/userguide/metadata-tables-permissions.html)."
+ },
"MetricsConfigurations": {
"description": "Specifies a metrics configuration for the CloudWatch request metrics (specified by the metrics configuration ID) from an Amazon S3 bucket. If you're updating an existing metrics configuration, note that this is a full replacement of the existing metrics configuration. If you don't include the elements you want to keep, they are erased. For more information, see [PutBucketMetricsConfiguration](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTMetricConfiguration.html).",
"insertionOrder": true,
@@ -1713,7 +1764,7 @@
},
"ObjectLockConfiguration": {
"$ref": "#/definitions/ObjectLockConfiguration",
- "description": "This operation is not supported by directory buckets.\n Places an Object Lock configuration on the specified bucket. The rule specified in the Object Lock configuration will be applied by default to every new object placed in the specified bucket. For more information, see [Locking Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html). \n + The ``DefaultRetention`` settings require both a mode and a period.\n + The ``DefaultRetention`` period can be either ``Days`` or ``Years`` but you must select one. You cannot specify ``Days`` and ``Years`` at the same time.\n + You can enable Object Lock for new or existing buckets. For more information, see [Configuring Object Lock](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-configure.html)."
+ "description": "This operation is not supported for directory buckets.\n Places an Object Lock configuration on the specified bucket. The rule specified in the Object Lock configuration will be applied by default to every new object placed in the specified bucket. For more information, see [Locking Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html). \n + The ``DefaultRetention`` settings require both a mode and a period.\n + The ``DefaultRetention`` period can be either ``Days`` or ``Years`` but you must select one. You cannot specify ``Days`` and ``Years`` at the same time.\n + You can enable Object Lock for new or existing buckets. For more information, see [Configuring Object Lock](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-configure.html)."
},
"ObjectLockEnabled": {
"description": "Indicates whether this bucket has an Object Lock configuration enabled. Enable ``ObjectLockEnabled`` when you apply ``ObjectLockConfiguration`` to a bucket.",
@@ -1748,7 +1799,7 @@
},
"VersioningConfiguration": {
"$ref": "#/definitions/VersioningConfiguration",
- "description": "Enables multiple versions of all objects in this bucket. You might enable versioning to prevent objects from being deleted or overwritten by mistake or to archive objects so that you can retrieve previous versions of them."
+ "description": "Enables multiple versions of all objects in this bucket. You might enable versioning to prevent objects from being deleted or overwritten by mistake or to archive objects so that you can retrieve previous versions of them.\n When you enable versioning on a bucket for the first time, it might take a short amount of time for the change to be fully propagated. We recommend that you wait for 15 minutes after enabling versioning before issuing write operations (``PUT`` or ``DELETE``) on objects in the bucket."
},
"WebsiteConfiguration": {
"$ref": "#/definitions/WebsiteConfiguration",
@@ -1774,10 +1825,17 @@
"/properties/DomainName",
"/properties/DualStackDomainName",
"/properties/RegionalDomainName",
+ "/properties/MetadataTableConfiguration/S3TablesDestination/TableNamespace",
+ "/properties/MetadataTableConfiguration/S3TablesDestination/TableArn",
"/properties/WebsiteURL"
],
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "s3:PutBucketTagging",
+ "s3:GetBucketTagging",
+ "s3:DeleteBucketTagging"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-s3-bucketpolicy.json b/schema/aws-s3-bucketpolicy.json
index c20f837..3bc15f7 100644
--- a/schema/aws-s3-bucketpolicy.json
+++ b/schema/aws-s3-bucketpolicy.json
@@ -3,7 +3,7 @@
"createOnlyProperties": [
"/properties/Bucket"
],
- "description": "Applies an Amazon S3 bucket policy to an Amazon S3 bucket. If you are using an identity other than the root user of the AWS-account that owns the bucket, the calling identity must have the ``PutBucketPolicy`` permissions on the specified bucket and belong to the bucket owner's account in order to use this operation.\n If you don't have ``PutBucketPolicy`` permissions, Amazon S3 returns a ``403 Access Denied`` error. If you have the correct permissions, but you're not using an identity that belongs to the bucket owner's account, Amazon S3 returns a ``405 Method Not Allowed`` error.\n As a security precaution, the root user of the AWS-account that owns a bucket can always use this operation, even if the policy explicitly denies the root user the ability to perform this action. \n For more information, see [Bucket policy examples](https://docs.aws.amazon.com/AmazonS3/latest/userguide/example-bucket-policies.html).\n The following operations are related to ``PutBucketPolicy``:\n + [CreateBucket](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) \n + [DeleteBucket](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucket.html)",
+ "description": "Applies an Amazon S3 bucket policy to an Amazon S3 bucket. If you are using an identity other than the root user of the AWS-account that owns the bucket, the calling identity must have the ``PutBucketPolicy`` permissions on the specified bucket and belong to the bucket owner's account in order to use this operation.\n If you don't have ``PutBucketPolicy`` permissions, Amazon S3 returns a ``403 Access Denied`` error. If you have the correct permissions, but you're not using an identity that belongs to the bucket owner's account, Amazon S3 returns a ``405 Method Not Allowed`` error.\n As a security precaution, the root user of the AWS-account that owns a bucket can always use this operation, even if the policy explicitly denies the root user the ability to perform this action. \n When using the ``AWS::S3::BucketPolicy`` resource, you can create, update, and delete bucket policies for S3 buckets located in regions different from the stack's region. This cross-region bucket policy modification functionality is supported for backward compatibility with existing workflows.\n If the [DeletionPolicy attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html) is not specified or set to ``Delete``, the bucket policy will be removed when the stack is deleted. If set to ``Retain``, the bucket policy will be preserved even after the stack is deleted.\n For example, a CloudFormation stack in ``us-east-1`` can use the ``AWS::S3::BucketPolicy`` resource to manage the bucket policy for an S3 bucket in ``us-west-2``. The retention or removal of the bucket policy during the stack deletion is determined by the ``DeletionPolicy`` attribute specified in the stack template.\n For more information, see [Bucket policy examples](https://docs.aws.amazon.com/AmazonS3/latest/userguide/example-bucket-policies.html).\n The following operations are related to ``PutBucketPolicy``:\n + [CreateBucket](https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) \n + [DeleteBucket](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucket.html)",
"handlers": {
"create": {
"permissions": [
diff --git a/schema/aws-s3-multiregionaccesspoint.json b/schema/aws-s3-multiregionaccesspoint.json
index 7d0d746..e3033a1 100644
--- a/schema/aws-s3-multiregionaccesspoint.json
+++ b/schema/aws-s3-multiregionaccesspoint.json
@@ -122,5 +122,8 @@
"required": [
"Regions"
],
+ "tagging": {
+ "taggable": false
+ },
"typeName": "AWS::S3::MultiRegionAccessPoint"
}
diff --git a/schema/aws-s3-multiregionaccesspointpolicy.json b/schema/aws-s3-multiregionaccesspointpolicy.json
index 40dbfc5..c9494aa 100644
--- a/schema/aws-s3-multiregionaccesspointpolicy.json
+++ b/schema/aws-s3-multiregionaccesspointpolicy.json
@@ -75,5 +75,8 @@
"Policy",
"MrapName"
],
+ "tagging": {
+ "taggable": false
+ },
"typeName": "AWS::S3::MultiRegionAccessPointPolicy"
}
diff --git a/schema/aws-s3express-directorybucket.json b/schema/aws-s3express-directorybucket.json
index ee12099..da3af01 100644
--- a/schema/aws-s3express-directorybucket.json
+++ b/schema/aws-s3express-directorybucket.json
@@ -6,17 +6,162 @@
"/properties/DataRedundancy"
],
"definitions": {
+ "AbortIncompleteMultipartUpload": {
+ "additionalProperties": false,
+ "description": "Specifies the days since the initiation of an incomplete multipart upload that Amazon S3 will wait before permanently removing all parts of the upload.",
+ "properties": {
+ "DaysAfterInitiation": {
+ "description": "Specifies the number of days after which Amazon S3 aborts an incomplete multipart upload.",
+ "minimum": 0,
+ "type": "integer"
+ }
+ },
+ "required": [
+ "DaysAfterInitiation"
+ ],
+ "type": "object"
+ },
"Arn": {
"description": "The Amazon Resource Name (ARN) of the specified bucket.",
"type": "string"
+ },
+ "BucketEncryption": {
+ "additionalProperties": false,
+ "description": "Specifies default encryption for a bucket using server-side encryption with Amazon S3 managed keys (SSE-S3) or AWS KMS keys (SSE-KMS).",
+ "properties": {
+ "ServerSideEncryptionConfiguration": {
+ "description": "Specifies the default server-side-encryption configuration.",
+ "insertionOrder": true,
+ "items": {
+ "$ref": "#/definitions/ServerSideEncryptionRule"
+ },
+ "type": "array",
+ "uniqueItems": true
+ }
+ },
+ "required": [
+ "ServerSideEncryptionConfiguration"
+ ],
+ "type": "object"
+ },
+ "LifecycleConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "Rules": {
+ "description": "A lifecycle rule for individual objects in an Amazon S3 Express bucket.",
+ "insertionOrder": true,
+ "items": {
+ "$ref": "#/definitions/Rule"
+ },
+ "type": "array",
+ "uniqueItems": true
+ }
+ },
+ "required": [
+ "Rules"
+ ],
+ "type": "object"
+ },
+ "Rule": {
+ "additionalProperties": false,
+ "description": "You must specify at least one of the following properties: AbortIncompleteMultipartUpload, or ExpirationInDays.",
+ "properties": {
+ "AbortIncompleteMultipartUpload": {
+ "$ref": "#/definitions/AbortIncompleteMultipartUpload"
+ },
+ "ExpirationInDays": {
+ "type": "integer"
+ },
+ "Id": {
+ "maxLength": 255,
+ "type": "string"
+ },
+ "ObjectSizeGreaterThan": {
+ "maxLength": 20,
+ "pattern": "[0-9]+",
+ "type": "string"
+ },
+ "ObjectSizeLessThan": {
+ "maxLength": 20,
+ "pattern": "[0-9]+",
+ "type": "string"
+ },
+ "Prefix": {
+ "type": "string"
+ },
+ "Status": {
+ "enum": [
+ "Enabled",
+ "Disabled"
+ ],
+ "type": "string"
+ }
+ },
+ "required": [
+ "Status"
+ ],
+ "type": "object"
+ },
+ "ServerSideEncryptionByDefault": {
+ "additionalProperties": false,
+ "description": "Specifies the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied.",
+ "properties": {
+ "KMSMasterKeyID": {
+ "anyOf": [
+ {
+ "relationshipRef": {
+ "propertyPath": "/properties/KeyId",
+ "typeName": "AWS::KMS::Key"
+ }
+ },
+ {
+ "relationshipRef": {
+ "propertyPath": "/properties/Arn",
+ "typeName": "AWS::KMS::Key"
+ }
+ }
+ ],
+ "description": "AWS Key Management Service (KMS) customer managed key ID to use for the default encryption. This parameter is allowed only if SSEAlgorithm is set to aws:kms. You can specify this parameter with the key ID or the Amazon Resource Name (ARN) of the KMS key",
+ "type": "string"
+ },
+ "SSEAlgorithm": {
+ "enum": [
+ "aws:kms",
+ "AES256"
+ ],
+ "type": "string"
+ }
+ },
+ "required": [
+ "SSEAlgorithm"
+ ],
+ "type": "object"
+ },
+ "ServerSideEncryptionRule": {
+ "additionalProperties": false,
+ "description": "Specifies the default server-side encryption configuration.",
+ "properties": {
+ "BucketKeyEnabled": {
+ "description": "Specifies whether Amazon S3 should use an S3 Bucket Key with server-side encryption using KMS (SSE-KMS) for new objects in the bucket. Existing objects are not affected. Amazon S3 Express One Zone uses an S3 Bucket Key with SSE-KMS and S3 Bucket Key cannot be disabled. It's only allowed to set the BucketKeyEnabled element to true.",
+ "type": "boolean"
+ },
+ "ServerSideEncryptionByDefault": {
+ "$ref": "#/definitions/ServerSideEncryptionByDefault"
+ }
+ },
+ "type": "object"
}
},
"description": "Resource Type definition for AWS::S3Express::DirectoryBucket.",
"handlers": {
"create": {
"permissions": [
+ "kms:GenerateDataKey",
+ "kms:Decrypt",
"s3express:CreateBucket",
- "s3express:ListAllMyDirectoryBuckets"
+ "s3express:ListAllMyDirectoryBuckets",
+ "s3express:PutEncryptionConfiguration",
+ "s3express:PutLifecycleConfiguration"
]
},
"delete": {
@@ -32,7 +177,18 @@
},
"read": {
"permissions": [
- "s3express:ListAllMyDirectoryBuckets"
+ "s3express:ListAllMyDirectoryBuckets",
+ "ec2:DescribeAvailabilityZones",
+ "s3express:GetEncryptionConfiguration",
+ "s3express:GetLifecycleConfiguration"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "kms:GenerateDataKey",
+ "kms:Decrypt",
+ "s3express:PutEncryptionConfiguration",
+ "s3express:PutLifecycleConfiguration"
]
}
},
@@ -47,26 +203,42 @@
"arn:aws:s3express:us-west-2:123456789123:bucket/DOC-EXAMPLE-BUCKET--usw2-az1--x-s3"
]
},
+ "AvailabilityZoneName": {
+ "description": "Returns the code for the Availability Zone or Local Zone where the directory bucket was created. An example for the code of an Availability Zone is 'us-east-1f'.",
+ "examples": [
+ "us-east-1f"
+ ],
+ "type": "string"
+ },
+ "BucketEncryption": {
+ "$ref": "#/definitions/BucketEncryption"
+ },
"BucketName": {
- "description": "Specifies a name for the bucket. The bucket name must contain only lowercase letters, numbers, and hyphens (-). A directory bucket name must be unique in the chosen Availability Zone. The bucket name must also follow the format 'bucket_base_name--az_id--x-s3' (for example, 'DOC-EXAMPLE-BUCKET--usw2-az1--x-s3'). If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the bucket name.",
+ "description": "Specifies a name for the bucket. The bucket name must contain only lowercase letters, numbers, and hyphens (-). A directory bucket name must be unique in the chosen Availability Zone or Local Zone. The bucket name must also follow the format 'bucket_base_name--zone_id--x-s3'. The zone_id can be the ID of an Availability Zone or a Local Zone. If you don't specify a name, AWS CloudFormation generates a unique physical ID and uses that ID for the bucket name.",
"maxLength": 63,
"pattern": "^[a-z0-9][a-z0-9//.//-]*[a-z0-9]$",
"type": "string"
},
"DataRedundancy": {
- "description": "Specifies the number of Availability Zone that's used for redundancy for the bucket.",
+ "description": "Specifies the number of Availability Zone or Local Zone that's used for redundancy for the bucket.",
"enum": [
- "SingleAvailabilityZone"
+ "SingleAvailabilityZone",
+ "SingleLocalZone"
],
"type": "string"
},
+ "LifecycleConfiguration": {
+ "$ref": "#/definitions/LifecycleConfiguration",
+ "description": "Lifecycle rules that define how Amazon S3 Express manages objects during their lifetime."
+ },
"LocationName": {
- "description": "Specifies the AZ ID of the Availability Zone where the directory bucket will be created. An example AZ ID value is 'use1-az5'.",
+ "description": "Specifies the Zone ID of the Availability Zone or Local Zone where the directory bucket will be created. An example Availability Zone ID value is 'use1-az5'.",
"type": "string"
}
},
"readOnlyProperties": [
- "/properties/Arn"
+ "/properties/Arn",
+ "/properties/AvailabilityZoneName"
],
"required": [
"LocationName",
diff --git a/schema/aws-s3tables-tablebucket.json b/schema/aws-s3tables-tablebucket.json
new file mode 100644
index 0000000..2b01ca9
--- /dev/null
+++ b/schema/aws-s3tables-tablebucket.json
@@ -0,0 +1,136 @@
+{
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/TableBucketName"
+ ],
+ "definitions": {
+ "EncryptionConfiguration": {
+ "additionalProperties": false,
+ "description": "Specifies encryption settings for the table bucket",
+ "properties": {
+ "KMSKeyArn": {
+ "description": "ARN of the KMS key to use for encryption",
+ "type": "string"
+ },
+ "SSEAlgorithm": {
+ "description": "Server-side encryption algorithm",
+ "enum": [
+ "AES256",
+ "aws:kms"
+ ],
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "TableBucketARN": {
+ "description": "The Amazon Resource Name (ARN) of the specified table bucket.",
+ "examples": [
+ "arn:aws:s3tables:us-west-2:123456789012:bucket/mytablebucket"
+ ],
+ "type": "string"
+ },
+ "TableBucketName": {
+ "description": "A name for the table bucket.",
+ "maxLength": 63,
+ "minLength": 3,
+ "type": "string"
+ },
+ "UnreferencedFileRemoval": {
+ "additionalProperties": false,
+ "description": "Settings governing the Unreferenced File Removal maintenance action. Unreferenced file removal identifies and deletes all objects that are not referenced by any table snapshots.",
+ "properties": {
+ "NoncurrentDays": {
+ "description": "S3 permanently deletes noncurrent objects after the number of days specified by the NoncurrentDays property.",
+ "minimum": 1,
+ "type": "integer"
+ },
+ "Status": {
+ "description": "Indicates whether the Unreferenced File Removal maintenance action is enabled.",
+ "enum": [
+ "Enabled",
+ "Disabled"
+ ],
+ "type": "string"
+ },
+ "UnreferencedDays": {
+ "description": "For any object not referenced by your table and older than the UnreferencedDays property, S3 creates a delete marker and marks the object version as noncurrent.",
+ "minimum": 1,
+ "type": "integer"
+ }
+ },
+ "type": "object"
+ }
+ },
+ "description": "Creates an Amazon S3 Tables table bucket in the same AWS Region where you create the AWS CloudFormation stack.",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "s3tables:CreateTableBucket",
+ "s3tables:PutTableBucketMaintenanceConfiguration",
+ "s3tables:PutTableBucketEncryption",
+ "s3tables:GetTableBucket",
+ "s3tables:GetTableBucketMaintenanceConfiguration",
+ "s3tables:GetTableBucketEncryption",
+ "kms:DescribeKey"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "s3tables:DeleteTableBucket"
+ ]
+ },
+ "list": {
+ "permissions": [
+ "s3tables:ListTableBuckets"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "s3tables:GetTableBucket",
+ "s3tables:GetTableBucketMaintenanceConfiguration",
+ "s3tables:GetTableBucketEncryption"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "s3tables:PutTableBucketMaintenanceConfiguration",
+ "s3tables:PutTableBucketEncryption",
+ "s3tables:GetTableBucketMaintenanceConfiguration",
+ "s3tables:GetTableBucketEncryption",
+ "s3tables:GetTableBucket",
+ "kms:DescribeKey"
+ ]
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/TableBucketARN"
+ ],
+ "properties": {
+ "EncryptionConfiguration": {
+ "$ref": "#/definitions/EncryptionConfiguration"
+ },
+ "TableBucketARN": {
+ "$ref": "#/definitions/TableBucketARN"
+ },
+ "TableBucketName": {
+ "$ref": "#/definitions/TableBucketName"
+ },
+ "UnreferencedFileRemoval": {
+ "$ref": "#/definitions/UnreferencedFileRemoval"
+ }
+ },
+ "readOnlyProperties": [
+ "/properties/TableBucketARN"
+ ],
+ "required": [
+ "TableBucketName"
+ ],
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "tagOnCreate": false,
+ "tagUpdatable": false,
+ "taggable": false
+ },
+ "typeName": "AWS::S3Tables::TableBucket"
+}
diff --git a/schema/aws-s3tables-tablebucketpolicy.json b/schema/aws-s3tables-tablebucketpolicy.json
new file mode 100644
index 0000000..fbf184a
--- /dev/null
+++ b/schema/aws-s3tables-tablebucketpolicy.json
@@ -0,0 +1,77 @@
+{
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/TableBucketARN"
+ ],
+ "definitions": {
+ "ResourcePolicy": {
+ "description": "A policy document containing permissions to add to the specified table bucket. In IAM, you must provide policy documents in JSON format. However, in CloudFormation you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to IAM.",
+ "type": [
+ "object",
+ "string"
+ ]
+ },
+ "TableBucketARN": {
+ "description": "The Amazon Resource Name (ARN) of the table bucket to which the policy applies.",
+ "examples": [
+ "arn:aws:s3tables:us-west-2:123456789012:bucket/mytablebucket"
+ ],
+ "type": "string"
+ }
+ },
+ "description": "Applies an IAM resource policy to a table bucket.",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "s3tables:GetTableBucket",
+ "s3tables:GetTableBucketPolicy",
+ "s3tables:PutTableBucketPolicy"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "s3tables:GetTableBucketPolicy",
+ "s3tables:DeleteTableBucketPolicy"
+ ]
+ },
+ "list": {
+ "permissions": [
+ "s3tables:GetTableBucketPolicy",
+ "s3tables:ListTableBuckets"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "s3tables:GetTableBucketPolicy"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "s3tables:GetTableBucketPolicy",
+ "s3tables:PutTableBucketPolicy"
+ ]
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/TableBucketARN"
+ ],
+ "properties": {
+ "ResourcePolicy": {
+ "$ref": "#/definitions/ResourcePolicy"
+ },
+ "TableBucketARN": {
+ "$ref": "#/definitions/TableBucketARN"
+ }
+ },
+ "required": [
+ "ResourcePolicy",
+ "TableBucketARN"
+ ],
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "tagOnCreate": false,
+ "tagUpdatable": false,
+ "taggable": false
+ },
+ "typeName": "AWS::S3Tables::TableBucketPolicy"
+}
diff --git a/schema/aws-sagemaker-cluster.json b/schema/aws-sagemaker-cluster.json
new file mode 100644
index 0000000..d948d19
--- /dev/null
+++ b/schema/aws-sagemaker-cluster.json
@@ -0,0 +1,405 @@
+{
+ "additionalIdentifiers": [
+ [
+ "/properties/ClusterName"
+ ]
+ ],
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/ClusterName",
+ "/properties/VpcConfig",
+ "/properties/Orchestrator",
+ "/properties/InstanceGroups/*/OverrideVpcConfig",
+ "/properties/InstanceGroups/*/ExecutionRole",
+ "/properties/InstanceGroups/*/InstanceGroupName",
+ "/properties/InstanceGroups/*/InstanceType",
+ "/properties/InstanceGroups/*/ThreadsPerCore"
+ ],
+ "definitions": {
+ "ClusterEbsVolumeConfig": {
+ "additionalProperties": false,
+ "description": "Defines the configuration for attaching additional Amazon Elastic Block Store (EBS) volumes to the instances in the SageMaker HyperPod cluster instance group. The additional EBS volume is attached to each instance within the SageMaker HyperPod cluster instance group and mounted to /opt/sagemaker.",
+ "properties": {
+ "VolumeSizeInGB": {
+ "description": "The size in gigabytes (GB) of the additional EBS volume to be attached to the instances in the SageMaker HyperPod cluster instance group. The additional EBS volume is attached to each instance within the SageMaker HyperPod cluster instance group and mounted to /opt/sagemaker.",
+ "maximum": 16384,
+ "minimum": 1,
+ "type": "integer"
+ }
+ },
+ "type": "object"
+ },
+ "ClusterInstanceGroup": {
+ "additionalProperties": false,
+ "description": "Details of an instance group in a SageMaker HyperPod cluster.",
+ "properties": {
+ "CurrentCount": {
+ "description": "The number of instances that are currently in the instance group of a SageMaker HyperPod cluster.",
+ "minimum": 0,
+ "type": "integer"
+ },
+ "ExecutionRole": {
+ "$ref": "#/definitions/ExecutionRole"
+ },
+ "InstanceCount": {
+ "description": "The number of instances you specified to add to the instance group of a SageMaker HyperPod cluster.",
+ "minimum": 0,
+ "type": "integer"
+ },
+ "InstanceGroupName": {
+ "$ref": "#/definitions/InstanceGroupName"
+ },
+ "InstanceStorageConfigs": {
+ "$ref": "#/definitions/ClusterInstanceStorageConfigs"
+ },
+ "InstanceType": {
+ "$ref": "#/definitions/InstanceType"
+ },
+ "LifeCycleConfig": {
+ "$ref": "#/definitions/ClusterLifeCycleConfig"
+ },
+ "OnStartDeepHealthChecks": {
+ "$ref": "#/definitions/OnStartDeepHealthChecks"
+ },
+ "OverrideVpcConfig": {
+ "$ref": "#/definitions/VpcConfig"
+ },
+ "ThreadsPerCore": {
+ "description": "The number you specified to TreadsPerCore in CreateCluster for enabling or disabling multithreading. For instance types that support multithreading, you can specify 1 for disabling multithreading and 2 for enabling multithreading.",
+ "maximum": 2,
+ "minimum": 1,
+ "type": "integer"
+ }
+ },
+ "required": [
+ "ExecutionRole",
+ "InstanceCount",
+ "InstanceGroupName",
+ "InstanceType",
+ "LifeCycleConfig"
+ ],
+ "type": "object"
+ },
+ "ClusterInstanceGroupsList": {
+ "description": "The instance groups of the SageMaker HyperPod cluster.",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/ClusterInstanceGroup"
+ },
+ "minItems": 1,
+ "type": "array"
+ },
+ "ClusterInstanceStorageConfig": {
+ "description": "Defines the configuration for attaching additional storage to the instances in the SageMaker HyperPod cluster instance group.",
+ "oneOf": [
+ {
+ "additionalProperties": false,
+ "properties": {
+ "EbsVolumeConfig": {
+ "$ref": "#/definitions/ClusterEbsVolumeConfig"
+ }
+ },
+ "type": "object"
+ }
+ ],
+ "type": "object"
+ },
+ "ClusterInstanceStorageConfigs": {
+ "description": "The instance storage configuration for the instance group.",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/ClusterInstanceStorageConfig"
+ },
+ "maxItems": 1,
+ "type": "array"
+ },
+ "ClusterLifeCycleConfig": {
+ "additionalProperties": false,
+ "description": "The lifecycle configuration for a SageMaker HyperPod cluster.",
+ "properties": {
+ "OnCreate": {
+ "description": "The file name of the entrypoint script of lifecycle scripts under SourceS3Uri. This entrypoint script runs during cluster creation.",
+ "maxLength": 128,
+ "minLength": 1,
+ "pattern": "^[\\S\\s]+$",
+ "type": "string"
+ },
+ "SourceS3Uri": {
+ "description": "An Amazon S3 bucket path where your lifecycle scripts are stored.",
+ "maxLength": 1024,
+ "pattern": "^(https|s3)://([^/]+)/?(.*)$",
+ "type": "string"
+ }
+ },
+ "required": [
+ "OnCreate",
+ "SourceS3Uri"
+ ],
+ "type": "object"
+ },
+ "ClusterOrchestratorEksConfig": {
+ "additionalProperties": false,
+ "description": "Specifies parameter(s) related to EKS as orchestrator, e.g. the EKS cluster nodes will attach to,",
+ "properties": {
+ "ClusterArn": {
+ "description": "The ARN of the EKS cluster, such as arn:aws:eks:us-west-2:123456789012:cluster/my-eks-cluster",
+ "type": "string"
+ }
+ },
+ "required": [
+ "ClusterArn"
+ ],
+ "type": "object"
+ },
+ "DeepHealthCheckType": {
+ "description": "The type of deep health check(s) to be performed on the instances in the SageMaker HyperPod cluster instance group.",
+ "enum": [
+ "InstanceStress",
+ "InstanceConnectivity"
+ ],
+ "type": "string"
+ },
+ "ExecutionRole": {
+ "description": "The execution role for the instance group to assume.",
+ "maxLength": 2048,
+ "minLength": 20,
+ "pattern": "^arn:aws[a-z\\-]*:iam::\\d{12}:role/?[a-zA-Z_0-9+=,.@\\-_/]+$",
+ "type": "string"
+ },
+ "InstanceGroupName": {
+ "description": "The name of the instance group of a SageMaker HyperPod cluster.",
+ "maxLength": 63,
+ "minLength": 1,
+ "pattern": "^[a-zA-Z0-9](-*[a-zA-Z0-9])*$",
+ "type": "string"
+ },
+ "InstanceType": {
+ "description": "The instance type of the instance group of a SageMaker HyperPod cluster.",
+ "type": "string"
+ },
+ "OnStartDeepHealthChecks": {
+ "description": "Nodes will undergo advanced stress test to detect and replace faulty instances, based on the type of deep health check(s) passed in.",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/DeepHealthCheckType"
+ },
+ "type": "array"
+ },
+ "Orchestrator": {
+ "additionalProperties": false,
+ "description": "Specifies parameter(s) specific to the orchestrator, e.g. specify the EKS cluster.",
+ "properties": {
+ "Eks": {
+ "$ref": "#/definitions/ClusterOrchestratorEksConfig"
+ }
+ },
+ "required": [
+ "Eks"
+ ],
+ "type": "object"
+ },
+ "Tag": {
+ "additionalProperties": false,
+ "description": "A key-value pair to associate with a resource.",
+ "properties": {
+ "Key": {
+ "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.",
+ "maxLength": 128,
+ "minLength": 1,
+ "pattern": "^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-@]*)$",
+ "type": "string"
+ },
+ "Value": {
+ "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.",
+ "maxLength": 256,
+ "minLength": 0,
+ "pattern": "^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-@]*)$",
+ "type": "string"
+ }
+ },
+ "required": [
+ "Key",
+ "Value"
+ ],
+ "type": "object"
+ },
+ "VpcConfig": {
+ "additionalProperties": false,
+ "description": "Specifies an Amazon Virtual Private Cloud (VPC) that your SageMaker jobs, hosted models, and compute resources have access to. You can control access to and from your resources by configuring a VPC.",
+ "properties": {
+ "SecurityGroupIds": {
+ "description": "The VPC security group IDs, in the form sg-xxxxxxxx. Specify the security groups for the VPC that is specified in the Subnets field.",
+ "insertionOrder": false,
+ "items": {
+ "maxLength": 32,
+ "pattern": "[-0-9a-zA-Z]+",
+ "type": "string"
+ },
+ "maxItems": 5,
+ "minItems": 1,
+ "type": "array"
+ },
+ "Subnets": {
+ "description": "The ID of the subnets in the VPC to which you want to connect your training job or model.",
+ "insertionOrder": false,
+ "items": {
+ "maxLength": 32,
+ "pattern": "[-0-9a-zA-Z]+",
+ "type": "string"
+ },
+ "maxItems": 16,
+ "minItems": 1,
+ "type": "array"
+ }
+ },
+ "required": [
+ "SecurityGroupIds",
+ "Subnets"
+ ],
+ "type": "object"
+ }
+ },
+ "description": "Resource Type definition for AWS::SageMaker::Cluster",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "sagemaker:CreateCluster",
+ "sagemaker:DescribeCluster",
+ "sagemaker:AddTags",
+ "sagemaker:ListTags",
+ "eks:DescribeAccessEntry",
+ "eks:DescribeCluster",
+ "eks:CreateAccessEntry",
+ "eks:DeleteAccessEntry",
+ "eks:AssociateAccessPolicy",
+ "iam:CreateServiceLinkedRole",
+ "iam:PassRole"
+ ],
+ "timeoutInMinutes": 720
+ },
+ "delete": {
+ "permissions": [
+ "sagemaker:DeleteCluster",
+ "sagemaker:DescribeCluster",
+ "eks:DescribeAccessEntry",
+ "eks:DeleteAccessEntry"
+ ],
+ "timeoutInMinutes": 720
+ },
+ "list": {
+ "permissions": [
+ "sagemaker:ListClusters"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "sagemaker:DescribeCluster",
+ "sagemaker:ListTags"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "sagemaker:UpdateCluster",
+ "sagemaker:DescribeCluster",
+ "sagemaker:ListTags",
+ "sagemaker:AddTags",
+ "sagemaker:DeleteTags",
+ "eks:DescribeAccessEntry",
+ "eks:DescribeCluster",
+ "eks:CreateAccessEntry",
+ "eks:DeleteAccessEntry",
+ "iam:PassRole"
+ ],
+ "timeoutInMinutes": 720
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/ClusterArn"
+ ],
+ "properties": {
+ "ClusterArn": {
+ "description": "The Amazon Resource Name (ARN) of the HyperPod Cluster.",
+ "maxLength": 256,
+ "pattern": "^arn:aws[a-z\\-]*:sagemaker:[a-z0-9\\-]*:[0-9]{12}:cluster/[a-z0-9]{12}$",
+ "type": "string"
+ },
+ "ClusterName": {
+ "description": "The name of the HyperPod Cluster.",
+ "maxLength": 63,
+ "minLength": 1,
+ "pattern": "^[a-zA-Z0-9](-*[a-zA-Z0-9]){0,62}$",
+ "type": "string"
+ },
+ "ClusterStatus": {
+ "description": "The status of the HyperPod Cluster.",
+ "enum": [
+ "Creating",
+ "Deleting",
+ "Failed",
+ "InService",
+ "RollingBack",
+ "SystemUpdating",
+ "Updating"
+ ],
+ "type": "string"
+ },
+ "CreationTime": {
+ "description": "The time at which the HyperPod cluster was created.",
+ "type": "string"
+ },
+ "FailureMessage": {
+ "description": "The failure message of the HyperPod Cluster.",
+ "type": "string"
+ },
+ "InstanceGroups": {
+ "$ref": "#/definitions/ClusterInstanceGroupsList"
+ },
+ "NodeRecovery": {
+ "description": "If node auto-recovery is set to true, faulty nodes will be replaced or rebooted when a failure is detected. If set to false, nodes will be labelled when a fault is detected.",
+ "enum": [
+ "Automatic",
+ "None"
+ ],
+ "type": "string"
+ },
+ "Orchestrator": {
+ "$ref": "#/definitions/Orchestrator"
+ },
+ "Tags": {
+ "description": "Custom tags for managing the SageMaker HyperPod cluster as an AWS resource. You can add tags to your cluster in the same way you add them in other AWS services that support tagging.",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/Tag"
+ },
+ "maxItems": 50,
+ "type": "array",
+ "uniqueItems": true
+ },
+ "VpcConfig": {
+ "$ref": "#/definitions/VpcConfig"
+ }
+ },
+ "readOnlyProperties": [
+ "/properties/ClusterArn",
+ "/properties/CreationTime",
+ "/properties/ClusterStatus",
+ "/properties/FailureMessage",
+ "/properties/InstanceGroups/*/CurrentCount"
+ ],
+ "required": [
+ "InstanceGroups"
+ ],
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "sagemaker:AddTags",
+ "sagemaker:ListTags",
+ "sagemaker:DeleteTags"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
+ "typeName": "AWS::SageMaker::Cluster"
+}
diff --git a/schema/aws-sagemaker-dataqualityjobdefinition.json b/schema/aws-sagemaker-dataqualityjobdefinition.json
index b7dff15..0747107 100644
--- a/schema/aws-sagemaker-dataqualityjobdefinition.json
+++ b/schema/aws-sagemaker-dataqualityjobdefinition.json
@@ -493,6 +493,7 @@
"sagemaker:CreateDataQualityJobDefinition",
"sagemaker:DescribeDataQualityJobDefinition",
"sagemaker:AddTags",
+ "sagemaker:ListTags",
"iam:PassRole"
]
},
@@ -509,7 +510,8 @@
},
"read": {
"permissions": [
- "sagemaker:DescribeDataQualityJobDefinition"
+ "sagemaker:DescribeDataQualityJobDefinition",
+ "sagemaker:ListTags"
]
}
},
@@ -581,11 +583,19 @@
"JobResources",
"RoleArn"
],
+ "tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "sagemaker:AddTags",
+ "sagemaker:ListTags"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": false,
+ "taggable": true
+ },
"typeName": "AWS::SageMaker::DataQualityJobDefinition",
"writeOnlyProperties": [
- "/properties/EndpointName",
- "/properties/Tags",
- "/properties/Tags/*/Key",
- "/properties/Tags/*/Value"
+ "/properties/EndpointName"
]
}
diff --git a/schema/aws-sagemaker-domain.json b/schema/aws-sagemaker-domain.json
index ceff779..03cf971 100644
--- a/schema/aws-sagemaker-domain.json
+++ b/schema/aws-sagemaker-domain.json
@@ -9,6 +9,15 @@
"/properties/Tags"
],
"definitions": {
+ "AppLifecycleManagement": {
+ "additionalProperties": false,
+ "properties": {
+ "IdleSettings": {
+ "$ref": "#/definitions/IdleSettings"
+ }
+ },
+ "type": "object"
+ },
"AppType": {
"enum": [
"JupyterServer",
@@ -25,6 +34,9 @@
"additionalProperties": false,
"description": "The CodeEditor app settings.",
"properties": {
+ "AppLifecycleManagement": {
+ "$ref": "#/definitions/AppLifecycleManagement"
+ },
"CustomImages": {
"description": "A list of custom images for use for CodeEditor apps.",
"items": {
@@ -72,6 +84,9 @@
"properties": {
"EFSFileSystemConfig": {
"$ref": "#/definitions/EFSFileSystemConfig"
+ },
+ "FSxLustreFileSystemConfig": {
+ "$ref": "#/definitions/FSxLustreFileSystemConfig"
}
},
"type": "object"
@@ -248,6 +263,14 @@
"DockerSettings": {
"$ref": "#/definitions/DockerSettings"
},
+ "ExecutionRoleIdentityConfig": {
+ "description": "The configuration for attaching a SageMaker user profile name to the execution role as a sts:SourceIdentity key.",
+ "enum": [
+ "USER_PROFILE_NAME",
+ "DISABLED"
+ ],
+ "type": "string"
+ },
"RStudioServerProDomainSettings": {
"$ref": "#/definitions/RStudioServerProDomainSettings"
},
@@ -288,10 +311,58 @@
],
"type": "object"
},
+ "FSxLustreFileSystemConfig": {
+ "additionalProperties": false,
+ "properties": {
+ "FileSystemId": {
+ "maxLength": 21,
+ "minLength": 11,
+ "pattern": "^(fs-[0-9a-f]{8,})$",
+ "type": "string"
+ },
+ "FileSystemPath": {
+ "maxLength": 256,
+ "minLength": 1,
+ "pattern": "^\\/\\S*$",
+ "type": "string"
+ }
+ },
+ "required": [
+ "FileSystemId"
+ ],
+ "type": "object"
+ },
+ "IdleSettings": {
+ "additionalProperties": false,
+ "properties": {
+ "IdleTimeoutInMinutes": {
+ "$ref": "#/definitions/IdleTimeoutInMinutes"
+ },
+ "LifecycleManagement": {
+ "$ref": "#/definitions/LifecycleManagement"
+ },
+ "MaxIdleTimeoutInMinutes": {
+ "$ref": "#/definitions/MaxIdleTimeoutInMinutes"
+ },
+ "MinIdleTimeoutInMinutes": {
+ "$ref": "#/definitions/MinIdleTimeoutInMinutes"
+ }
+ },
+ "type": "object"
+ },
+ "IdleTimeoutInMinutes": {
+ "description": "The idle timeout value set in minutes",
+ "maximum": 525600,
+ "minimum": 60,
+ "type": "integer"
+ },
"JupyterLabAppSettings": {
"additionalProperties": false,
"description": "The JupyterLab app settings.",
"properties": {
+ "AppLifecycleManagement": {
+ "$ref": "#/definitions/AppLifecycleManagement"
+ },
"CodeRepositories": {
"description": "A list of CodeRepositories available for use with JupyterLab apps.",
"items": {
@@ -381,12 +452,32 @@
},
"type": "object"
},
+ "LifecycleManagement": {
+ "description": "A flag to enable/disable AppLifecycleManagement settings",
+ "enum": [
+ "ENABLED",
+ "DISABLED"
+ ],
+ "type": "string"
+ },
+ "MaxIdleTimeoutInMinutes": {
+ "description": "The maximum idle timeout value set in minutes",
+ "maximum": 525600,
+ "minimum": 60,
+ "type": "integer"
+ },
+ "MinIdleTimeoutInMinutes": {
+ "description": "The minimum idle timeout value set in minutes",
+ "maximum": 525600,
+ "minimum": 60,
+ "type": "integer"
+ },
"MlTools": {
"enum": [
"DataWrangler",
"FeatureStore",
"EmrClusters",
- "AutoML",
+ "AutoMl",
"Experiments",
"Training",
"ModelEvaluation",
@@ -395,7 +486,14 @@
"JumpStart",
"InferenceRecommender",
"Endpoints",
- "Projects"
+ "Projects",
+ "InferenceOptimization",
+ "HyperPodClusters",
+ "Comet",
+ "DeepchecksLLMEvaluation",
+ "Fiddler",
+ "LakeraGuard",
+ "PerformanceEvaluation"
],
"type": "string"
},
@@ -880,6 +978,14 @@
"type": "array",
"uniqueItems": false
},
+ "TagPropagation": {
+ "description": "Indicates whether the tags added to Domain, User Profile and Space entity is propagated to all SageMaker resources.",
+ "enum": [
+ "ENABLED",
+ "DISABLED"
+ ],
+ "type": "string"
+ },
"Tags": {
"description": "A list of tags to apply to the user profile.",
"insertionOrder": false,
diff --git a/schema/aws-sagemaker-endpoint.json b/schema/aws-sagemaker-endpoint.json
index 9a00ce7..58d5ff2 100644
--- a/schema/aws-sagemaker-endpoint.json
+++ b/schema/aws-sagemaker-endpoint.json
@@ -8,6 +8,7 @@
"additionalProperties": false,
"properties": {
"AlarmName": {
+ "description": "The name of the CloudWatch alarm.",
"type": "string"
}
},
@@ -20,11 +21,12 @@
"additionalProperties": false,
"properties": {
"Alarms": {
+ "description": "List of CloudWatch alarms to monitor during the deployment. If any alarm goes off, the deployment is rolled back.",
"items": {
"$ref": "#/definitions/Alarm"
},
"type": "array",
- "uniqueItems": false
+ "uniqueItems": true
}
},
"required": [
@@ -36,13 +38,16 @@
"additionalProperties": false,
"properties": {
"MaximumExecutionTimeoutInSeconds": {
+ "description": "The maximum time allowed for the blue/green update, in seconds.",
"type": "integer"
},
"TerminationWaitInSeconds": {
+ "description": "The wait time before terminating the old endpoint during a blue/green deployment.",
"type": "integer"
},
"TrafficRoutingConfiguration": {
- "$ref": "#/definitions/TrafficRoutingConfig"
+ "$ref": "#/definitions/TrafficRoutingConfig",
+ "description": "The traffic routing configuration for the blue/green deployment."
}
},
"required": [
@@ -54,9 +59,11 @@
"additionalProperties": false,
"properties": {
"Type": {
+ "description": "Specifies whether the `Value` is an instance count or a capacity unit.",
"type": "string"
},
"Value": {
+ "description": "The value representing either the number of instances or the number of capacity units.",
"type": "integer"
}
},
@@ -70,13 +77,16 @@
"additionalProperties": false,
"properties": {
"AutoRollbackConfiguration": {
- "$ref": "#/definitions/AutoRollbackConfig"
+ "$ref": "#/definitions/AutoRollbackConfig",
+ "description": "Configuration for automatic rollback if an error occurs during deployment."
},
"BlueGreenUpdatePolicy": {
- "$ref": "#/definitions/BlueGreenUpdatePolicy"
+ "$ref": "#/definitions/BlueGreenUpdatePolicy",
+ "description": "Configuration for blue-green update deployment policies."
},
"RollingUpdatePolicy": {
- "$ref": "#/definitions/RollingUpdatePolicy"
+ "$ref": "#/definitions/RollingUpdatePolicy",
+ "description": "Configuration for rolling update deployment policies."
}
},
"type": "object"
@@ -85,15 +95,19 @@
"additionalProperties": false,
"properties": {
"MaximumBatchSize": {
- "$ref": "#/definitions/CapacitySize"
+ "$ref": "#/definitions/CapacitySize",
+ "description": "Specifies the maximum batch size for each rolling update."
},
"MaximumExecutionTimeoutInSeconds": {
+ "description": "The maximum time allowed for the rolling update, in seconds.",
"type": "integer"
},
"RollbackMaximumBatchSize": {
- "$ref": "#/definitions/CapacitySize"
+ "$ref": "#/definitions/CapacitySize",
+ "description": "The maximum batch size for rollback during an update failure."
},
"WaitIntervalInSeconds": {
+ "description": "The time to wait between steps during the rolling update, in seconds.",
"type": "integer"
}
},
@@ -107,9 +121,11 @@
"additionalProperties": false,
"properties": {
"Key": {
+ "description": "The key of the tag.",
"type": "string"
},
"Value": {
+ "description": "The value of the tag.",
"type": "string"
}
},
@@ -123,15 +139,19 @@
"additionalProperties": false,
"properties": {
"CanarySize": {
- "$ref": "#/definitions/CapacitySize"
+ "$ref": "#/definitions/CapacitySize",
+ "description": "Specifies the size of the canary traffic in a canary deployment."
},
"LinearStepSize": {
- "$ref": "#/definitions/CapacitySize"
+ "$ref": "#/definitions/CapacitySize",
+ "description": "Specifies the step size for linear traffic routing."
},
"Type": {
+ "description": "Specifies the type of traffic routing (e.g., 'AllAtOnce', 'Canary', 'Linear').",
"type": "string"
},
"WaitIntervalInSeconds": {
+ "description": "Specifies the wait interval between traffic shifts, in seconds.",
"type": "integer"
}
},
@@ -144,6 +164,7 @@
"additionalProperties": false,
"properties": {
"VariantPropertyType": {
+ "description": "The type of variant property (e.g., 'DesiredInstanceCount', 'DesiredWeight', 'DataCaptureConfig').",
"type": "string"
}
},
@@ -151,36 +172,78 @@
}
},
"description": "Resource Type definition for AWS::SageMaker::Endpoint",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "sagemaker:CreateEndpoint",
+ "sagemaker:DescribeEndpoint",
+ "sagemaker:AddTags"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "sagemaker:DeleteEndpoint",
+ "sagemaker:DescribeEndpoint"
+ ]
+ },
+ "list": {
+ "permissions": [
+ "sagemaker:ListEndpoints"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "sagemaker:DescribeEndpoint",
+ "sagemaker:ListTags"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "sagemaker:UpdateEndpoint",
+ "sagemaker:DescribeEndpoint",
+ "sagemaker:AddTags",
+ "sagemaker:DeleteTags"
+ ]
+ }
+ },
"primaryIdentifier": [
- "/properties/Id"
+ "/properties/EndpointArn"
],
"properties": {
"DeploymentConfig": {
- "$ref": "#/definitions/DeploymentConfig"
+ "$ref": "#/definitions/DeploymentConfig",
+ "description": "Specifies deployment configuration for updating the SageMaker endpoint. Includes rollback and update policies."
+ },
+ "EndpointArn": {
+ "description": "The Amazon Resource Name (ARN) of the endpoint.",
+ "type": "string"
},
"EndpointConfigName": {
+ "description": "The name of the endpoint configuration for the SageMaker endpoint. This is a required property.",
"type": "string"
},
"EndpointName": {
+ "description": "The name of the SageMaker endpoint. This name must be unique within an AWS Region.",
"type": "string"
},
"ExcludeRetainedVariantProperties": {
+ "description": "Specifies a list of variant properties that you want to exclude when updating an endpoint.",
"items": {
"$ref": "#/definitions/VariantProperty"
},
"type": "array",
"uniqueItems": false
},
- "Id": {
- "type": "string"
- },
"RetainAllVariantProperties": {
+ "description": "When set to true, retains all variant properties for an endpoint when it is updated.",
"type": "boolean"
},
"RetainDeploymentConfig": {
+ "description": "When set to true, retains the deployment configuration during endpoint updates.",
"type": "boolean"
},
"Tags": {
+ "description": "An array of key-value pairs to apply to this resource.",
"items": {
"$ref": "#/definitions/Tag"
},
@@ -189,10 +252,28 @@
}
},
"readOnlyProperties": [
- "/properties/Id"
+ "/properties/EndpointArn",
+ "/properties/EndpointName"
],
"required": [
"EndpointConfigName"
],
- "typeName": "AWS::SageMaker::Endpoint"
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "sagemaker:AddTags",
+ "sagemaker:DeleteTags",
+ "sagemaker:ListTags"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
+ "typeName": "AWS::SageMaker::Endpoint",
+ "writeOnlyProperties": [
+ "/properties/ExcludeRetainedVariantProperties",
+ "/properties/RetainAllVariantProperties",
+ "/properties/RetainDeploymentConfig"
+ ]
}
diff --git a/schema/aws-sagemaker-endpointconfig.json b/schema/aws-sagemaker-endpointconfig.json
index b43cce3..e216253 100644
--- a/schema/aws-sagemaker-endpointconfig.json
+++ b/schema/aws-sagemaker-endpointconfig.json
@@ -298,15 +298,15 @@
"ProductionVariant": {
"additionalProperties": false,
"properties": {
- "AcceleratorType": {
- "type": "string"
- },
"ContainerStartupHealthCheckTimeoutInSeconds": {
"type": "integer"
},
"EnableSSMAccess": {
"type": "boolean"
},
+ "InferenceAmiVersion": {
+ "type": "string"
+ },
"InitialInstanceCount": {
"type": "integer"
},
diff --git a/schema/aws-sagemaker-featuregroup.json b/schema/aws-sagemaker-featuregroup.json
index 21b7596..5473bcc 100644
--- a/schema/aws-sagemaker-featuregroup.json
+++ b/schema/aws-sagemaker-featuregroup.json
@@ -350,6 +350,11 @@
],
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "sagemaker:AddTags",
+ "sagemaker:ListTags",
+ "sagemaker:DeleteTags"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": false,
diff --git a/schema/aws-sagemaker-image.json b/schema/aws-sagemaker-image.json
index 8ce5558..13b00cd 100644
--- a/schema/aws-sagemaker-image.json
+++ b/schema/aws-sagemaker-image.json
@@ -143,6 +143,11 @@
],
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "sagemaker:AddTags",
+ "sagemaker:ListTags",
+ "sagemaker:DeleteTags"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-sagemaker-inferencecomponent.json b/schema/aws-sagemaker-inferencecomponent.json
index 6367c19..b574a04 100644
--- a/schema/aws-sagemaker-inferencecomponent.json
+++ b/schema/aws-sagemaker-inferencecomponent.json
@@ -1,6 +1,48 @@
{
"additionalProperties": false,
"definitions": {
+ "Alarm": {
+ "additionalProperties": false,
+ "properties": {
+ "AlarmName": {
+ "maxLength": 255,
+ "minLength": 1,
+ "pattern": "^(?!\\s*$).+",
+ "type": "string"
+ }
+ },
+ "required": [
+ "AlarmName"
+ ],
+ "type": "object"
+ },
+ "AutoRollbackConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "Alarms": {
+ "items": {
+ "$ref": "#/definitions/Alarm"
+ },
+ "maxItems": 10,
+ "minItems": 1,
+ "type": "array"
+ }
+ },
+ "required": [
+ "Alarms"
+ ],
+ "type": "object"
+ },
+ "BaseInferenceComponentName": {
+ "description": "The name of the base inference component",
+ "maxLength": 63,
+ "pattern": "^[a-zA-Z0-9](-*[a-zA-Z0-9])*$",
+ "type": "string"
+ },
+ "CapacitySizeValue": {
+ "description": "The number of copies for the inference component",
+ "type": "integer"
+ },
"ContainerImage": {
"description": "The image to use for the container that will be materialized for the inference component",
"maxLength": 255,
@@ -59,6 +101,30 @@
"minLength": 1,
"type": "string"
},
+ "InferenceComponentCapacitySize": {
+ "additionalProperties": false,
+ "description": "Capacity size configuration for the inference component",
+ "properties": {
+ "Type": {
+ "$ref": "#/definitions/InferenceComponentCapacitySizeType"
+ },
+ "Value": {
+ "$ref": "#/definitions/CapacitySizeValue"
+ }
+ },
+ "required": [
+ "Type",
+ "Value"
+ ],
+ "type": "object"
+ },
+ "InferenceComponentCapacitySizeType": {
+ "enum": [
+ "COPY_COUNT",
+ "CAPACITY_PERCENT"
+ ],
+ "type": "string"
+ },
"InferenceComponentComputeResourceRequirements": {
"additionalProperties": false,
"description": "",
@@ -102,12 +168,44 @@
"minimum": 0,
"type": "integer"
},
+ "InferenceComponentDeploymentConfig": {
+ "additionalProperties": false,
+ "description": "The deployment config for the inference component",
+ "properties": {
+ "AutoRollbackConfiguration": {
+ "$ref": "#/definitions/AutoRollbackConfiguration"
+ },
+ "RollingUpdatePolicy": {
+ "$ref": "#/definitions/InferenceComponentRollingUpdatePolicy"
+ }
+ },
+ "type": "object"
+ },
"InferenceComponentName": {
"description": "The name of the inference component",
"maxLength": 63,
"pattern": "^[a-zA-Z0-9](-*[a-zA-Z0-9])*$",
"type": "string"
},
+ "InferenceComponentRollingUpdatePolicy": {
+ "additionalProperties": false,
+ "description": "The rolling update policy for the inference component",
+ "properties": {
+ "MaximumBatchSize": {
+ "$ref": "#/definitions/InferenceComponentCapacitySize"
+ },
+ "MaximumExecutionTimeoutInSeconds": {
+ "$ref": "#/definitions/MaximumExecutionTimeoutInSeconds"
+ },
+ "RollbackMaximumBatchSize": {
+ "$ref": "#/definitions/InferenceComponentCapacitySize"
+ },
+ "WaitIntervalInSeconds": {
+ "$ref": "#/definitions/WaitIntervalInSeconds"
+ }
+ },
+ "type": "object"
+ },
"InferenceComponentRuntimeConfig": {
"additionalProperties": false,
"description": "The runtime config for the inference component",
@@ -128,6 +226,9 @@
"additionalProperties": false,
"description": "The specification for the inference component",
"properties": {
+ "BaseInferenceComponentName": {
+ "$ref": "#/definitions/BaseInferenceComponentName"
+ },
"ComputeResourceRequirements": {
"$ref": "#/definitions/InferenceComponentComputeResourceRequirements"
},
@@ -141,9 +242,6 @@
"$ref": "#/definitions/InferenceComponentStartupParameters"
}
},
- "required": [
- "ComputeResourceRequirements"
- ],
"type": "object"
},
"InferenceComponentStartupParameters": {
@@ -169,6 +267,11 @@
],
"type": "string"
},
+ "MaximumExecutionTimeoutInSeconds": {
+ "maximum": 28800,
+ "minimum": 600,
+ "type": "integer"
+ },
"MemoryInMb": {
"minimum": 128,
"type": "integer"
@@ -236,6 +339,11 @@
"maxLength": 63,
"pattern": "^[a-zA-Z0-9](-*[a-zA-Z0-9])*$",
"type": "string"
+ },
+ "WaitIntervalInSeconds": {
+ "maximum": 3600,
+ "minimum": 0,
+ "type": "integer"
}
},
"description": "Resource Type definition for AWS::SageMaker::InferenceComponent",
@@ -286,6 +394,9 @@
"CreationTime": {
"$ref": "#/definitions/Timestamp"
},
+ "DeploymentConfig": {
+ "$ref": "#/definitions/InferenceComponentDeploymentConfig"
+ },
"EndpointArn": {
"$ref": "#/definitions/EndpointArn"
},
@@ -332,12 +443,15 @@
],
"required": [
"EndpointName",
- "VariantName",
- "Specification",
- "RuntimeConfig"
+ "Specification"
],
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "sagemaker:AddTags",
+ "sagemaker:ListTags",
+ "sagemaker:DeleteTags"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
@@ -346,6 +460,7 @@
"typeName": "AWS::SageMaker::InferenceComponent",
"writeOnlyProperties": [
"/properties/Specification/Container/Image",
- "/properties/RuntimeConfig/CopyCount"
+ "/properties/RuntimeConfig/CopyCount",
+ "/properties/DeploymentConfig"
]
}
diff --git a/schema/aws-sagemaker-mlflowtrackingserver.json b/schema/aws-sagemaker-mlflowtrackingserver.json
index 30696c9..caaad79 100644
--- a/schema/aws-sagemaker-mlflowtrackingserver.json
+++ b/schema/aws-sagemaker-mlflowtrackingserver.json
@@ -41,14 +41,14 @@
"sagemaker:ListTags",
"iam:PassRole"
],
- "timeoutInMinutes": 65
+ "timeoutInMinutes": 95
},
"delete": {
"permissions": [
"sagemaker:DeleteMlflowTrackingServer",
"sagemaker:DescribeMlflowTrackingServer"
],
- "timeoutInMinutes": 65
+ "timeoutInMinutes": 95
},
"list": {
"permissions": [
diff --git a/schema/aws-sagemaker-modelbiasjobdefinition.json b/schema/aws-sagemaker-modelbiasjobdefinition.json
index 64265ff..752712c 100644
--- a/schema/aws-sagemaker-modelbiasjobdefinition.json
+++ b/schema/aws-sagemaker-modelbiasjobdefinition.json
@@ -529,7 +529,8 @@
"sagemaker:CreateModelBiasJobDefinition",
"sagemaker:DescribeModelBiasJobDefinition",
"iam:PassRole",
- "sagemaker:AddTags"
+ "sagemaker:AddTags",
+ "sagemaker:ListTags"
]
},
"delete": {
@@ -545,7 +546,8 @@
},
"read": {
"permissions": [
- "sagemaker:DescribeModelBiasJobDefinition"
+ "sagemaker:DescribeModelBiasJobDefinition",
+ "sagemaker:ListTags"
]
}
},
@@ -617,11 +619,19 @@
"JobResources",
"RoleArn"
],
+ "tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "sagemaker:AddTags",
+ "sagemaker:ListTags"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": false,
+ "taggable": true
+ },
"typeName": "AWS::SageMaker::ModelBiasJobDefinition",
"writeOnlyProperties": [
- "/properties/EndpointName",
- "/properties/Tags",
- "/properties/Tags/*/Key",
- "/properties/Tags/*/Value"
+ "/properties/EndpointName"
]
}
diff --git a/schema/aws-sagemaker-modelcard.json b/schema/aws-sagemaker-modelcard.json
index b3bb073..3def590 100644
--- a/schema/aws-sagemaker-modelcard.json
+++ b/schema/aws-sagemaker-modelcard.json
@@ -1021,6 +1021,11 @@
],
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "sagemaker:AddTags",
+ "sagemaker:ListTags",
+ "sagemaker:DeleteTags"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-sagemaker-modelexplainabilityjobdefinition.json b/schema/aws-sagemaker-modelexplainabilityjobdefinition.json
index 49bee37..4d9ece4 100644
--- a/schema/aws-sagemaker-modelexplainabilityjobdefinition.json
+++ b/schema/aws-sagemaker-modelexplainabilityjobdefinition.json
@@ -483,7 +483,8 @@
"sagemaker:CreateModelExplainabilityJobDefinition",
"sagemaker:DescribeModelExplainabilityJobDefinition",
"iam:PassRole",
- "sagemaker:AddTags"
+ "sagemaker:AddTags",
+ "sagemaker:ListTags"
]
},
"delete": {
@@ -499,7 +500,8 @@
},
"read": {
"permissions": [
- "sagemaker:DescribeModelExplainabilityJobDefinition"
+ "sagemaker:DescribeModelExplainabilityJobDefinition",
+ "sagemaker:ListTags"
]
}
},
@@ -571,11 +573,19 @@
"JobResources",
"RoleArn"
],
+ "tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "sagemaker:AddTags",
+ "sagemaker:ListTags"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": false,
+ "taggable": true
+ },
"typeName": "AWS::SageMaker::ModelExplainabilityJobDefinition",
"writeOnlyProperties": [
- "/properties/EndpointName",
- "/properties/Tags",
- "/properties/Tags/*/Key",
- "/properties/Tags/*/Value"
+ "/properties/EndpointName"
]
}
diff --git a/schema/aws-sagemaker-modelpackage.json b/schema/aws-sagemaker-modelpackage.json
index aa63431..4f228c8 100644
--- a/schema/aws-sagemaker-modelpackage.json
+++ b/schema/aws-sagemaker-modelpackage.json
@@ -1,5 +1,9 @@
{
"additionalProperties": false,
+ "conditionalCreateOnlyProperties": [
+ "/properties/ModelCard",
+ "/properties/SourceUri"
+ ],
"createOnlyProperties": [
"/properties/ModelPackageGroupName",
"/properties/ModelPackageDescription",
@@ -12,7 +16,8 @@
"/properties/DriftCheckBaselines",
"/properties/Domain",
"/properties/Task",
- "/properties/SamplePayloadUrl"
+ "/properties/SamplePayloadUrl",
+ "/properties/SecurityConfig"
],
"definitions": {
"AdditionalInferenceSpecificationDefinition": {
@@ -423,6 +428,20 @@
],
"type": "object"
},
+ "ModelAccessConfig": {
+ "additionalProperties": false,
+ "description": "Specifies the access configuration file for the ML model.",
+ "properties": {
+ "AcceptEula": {
+ "description": "Specifies agreement to the model end-user license agreement (EULA).",
+ "type": "boolean"
+ }
+ },
+ "required": [
+ "AcceptEula"
+ ],
+ "type": "object"
+ },
"ModelApprovalStatus": {
"description": "The approval status of the model package.",
"enum": [
@@ -432,6 +451,34 @@
],
"type": "string"
},
+ "ModelCard": {
+ "additionalProperties": false,
+ "description": "The model card associated with the model package.",
+ "properties": {
+ "ModelCardContent": {
+ "description": "The content of the model card.",
+ "maxLength": 100000,
+ "minLength": 0,
+ "pattern": ".*",
+ "type": "string"
+ },
+ "ModelCardStatus": {
+ "description": "The approval status of the model card within your organization.",
+ "enum": [
+ "Draft",
+ "PendingReview",
+ "Approved",
+ "Archived"
+ ],
+ "type": "string"
+ }
+ },
+ "required": [
+ "ModelCardContent",
+ "ModelCardStatus"
+ ],
+ "type": "object"
+ },
"ModelDataQuality": {
"additionalProperties": false,
"description": "Metrics that measure the quality of the input data for a model.",
@@ -445,6 +492,16 @@
},
"type": "object"
},
+ "ModelDataSource": {
+ "additionalProperties": false,
+ "description": "Specifies the location of ML model data to deploy during endpoint creation.",
+ "properties": {
+ "S3DataSource": {
+ "$ref": "#/definitions/S3ModelDataSource"
+ }
+ },
+ "type": "object"
+ },
"ModelMetrics": {
"additionalProperties": false,
"description": "A structure that contains model metrics reports.",
@@ -468,7 +525,7 @@
"description": "The Amazon Resource Name (ARN) of the model package group.",
"maxLength": 2048,
"minLength": 1,
- "pattern": "^arn:aws(-cn|-us-gov)?:sagemaker:[a-z0-9\\-]{9,16}:[0-9]{12}:model-package/[\\S]{1,2048}$",
+ "pattern": "^arn:aws(-cn|-us-gov|-iso-f)?:sagemaker:[a-z0-9\\-]{9,16}:[0-9]{12}:model-package/[\\S]{1,2048}$",
"type": "string"
},
"ModelPackageContainerDefinition": {
@@ -508,6 +565,9 @@
"pattern": "^[Ss][Hh][Aa]256:[0-9a-fA-F]{64}$",
"type": "string"
},
+ "ModelDataSource": {
+ "$ref": "#/definitions/ModelDataSource"
+ },
"ModelDataUrl": {
"description": "A structure with Model Input details.",
"maxLength": 1024,
@@ -664,12 +724,65 @@
],
"type": "object"
},
+ "S3ModelDataSource": {
+ "additionalProperties": false,
+ "description": "Specifies the S3 location of ML model data to deploy.",
+ "properties": {
+ "CompressionType": {
+ "description": "Specifies how the ML model data is prepared.",
+ "enum": [
+ "None",
+ "Gzip"
+ ],
+ "type": "string"
+ },
+ "ModelAccessConfig": {
+ "$ref": "#/definitions/ModelAccessConfig"
+ },
+ "S3DataType": {
+ "description": "Specifies the type of ML model data to deploy.",
+ "enum": [
+ "S3Prefix",
+ "S3Object"
+ ],
+ "type": "string"
+ },
+ "S3Uri": {
+ "description": "Specifies the S3 path of ML model data to deploy.",
+ "maxLength": 1024,
+ "pattern": "^(https|s3)://([^/]+)/?(.*)$",
+ "type": "string"
+ }
+ },
+ "required": [
+ "S3DataType",
+ "S3Uri",
+ "CompressionType"
+ ],
+ "type": "object"
+ },
"SamplePayloadUrl": {
"description": "The Amazon Simple Storage Service (Amazon S3) path where the sample payload are stored pointing to single gzip compressed tar archive.",
"maxLength": 1024,
"pattern": "^(https|s3)://([^/]+)/?(.*)$",
"type": "string"
},
+ "SecurityConfig": {
+ "additionalProperties": false,
+ "description": "An optional AWS Key Management Service key to encrypt, decrypt, and re-encrypt model package information for regulated workloads with highly sensitive data.",
+ "properties": {
+ "KmsKeyId": {
+ "description": "The AWS KMS Key ID (KMSKeyId) used for encryption of model package information.",
+ "maxLength": 2048,
+ "pattern": "^[a-zA-Z0-9:/_-]*$",
+ "type": "string"
+ }
+ },
+ "required": [
+ "KmsKeyId"
+ ],
+ "type": "object"
+ },
"SkipModelValidation": {
"description": "Indicates if you want to skip model validation.",
"enum": [
@@ -722,6 +835,13 @@
],
"type": "object"
},
+ "SourceUri": {
+ "description": "The URI of the source for the model package.",
+ "maxLength": 1024,
+ "minLength": 0,
+ "pattern": "[\\p{L}\\p{M}\\p{Z}\\p{N}\\p{P}]{0,1024}",
+ "type": "string"
+ },
"Tag": {
"additionalProperties": false,
"description": "A key-value pair to associate with a resource.",
@@ -961,14 +1081,22 @@
"sagemaker:DescribeTransformJob",
"sagemaker:DescribeModelPackage",
"sagemaker:ListTags",
+ "sagemaker:UpdateModelPackage",
"iam:PassRole",
- "s3:GetObject"
+ "s3:GetObject",
+ "s3:ListBucket",
+ "kms:CreateGrant",
+ "kms:DescribeKey",
+ "kms:GenerateDataKey",
+ "kms:Decrypt"
]
},
"delete": {
"permissions": [
"sagemaker:DeleteModelPackage",
- "sagemaker:DescribeModelPackage"
+ "sagemaker:DescribeModelPackage",
+ "kms:DescribeKey",
+ "kms:Decrypt"
]
},
"list": {
@@ -986,16 +1114,25 @@
"read": {
"permissions": [
"sagemaker:DescribeModelPackage",
- "sagemaker:ListTags"
+ "sagemaker:ListTags",
+ "kms:DescribeKey",
+ "kms:Decrypt"
]
},
"update": {
"permissions": [
+ "ecr:BatchGetImage",
"sagemaker:UpdateModelPackage",
"sagemaker:DescribeModelPackage",
"sagemaker:ListTags",
"sagemaker:AddTags",
- "sagemaker:DeleteTags"
+ "sagemaker:DeleteTags",
+ "s3:GetObject",
+ "s3:ListBucket",
+ "kms:CreateGrant",
+ "kms:DescribeKey",
+ "kms:GenerateDataKey",
+ "kms:Decrypt"
]
}
},
@@ -1042,6 +1179,9 @@
"ModelApprovalStatus": {
"$ref": "#/definitions/ModelApprovalStatus"
},
+ "ModelCard": {
+ "$ref": "#/definitions/ModelCard"
+ },
"ModelMetrics": {
"$ref": "#/definitions/ModelMetrics"
},
@@ -1069,12 +1209,18 @@
"SamplePayloadUrl": {
"$ref": "#/definitions/SamplePayloadUrl"
},
+ "SecurityConfig": {
+ "$ref": "#/definitions/SecurityConfig"
+ },
"SkipModelValidation": {
"$ref": "#/definitions/SkipModelValidation"
},
"SourceAlgorithmSpecification": {
"$ref": "#/definitions/SourceAlgorithmSpecification"
},
+ "SourceUri": {
+ "$ref": "#/definitions/SourceUri"
+ },
"Tags": {
"description": "An array of key-value pairs to apply to this resource.",
"items": {
@@ -1098,6 +1244,11 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-sagemaker",
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "sagemaker:AddTags",
+ "sagemaker:ListTags",
+ "sagemaker:DeleteTags"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-sagemaker-modelpackagegroup.json b/schema/aws-sagemaker-modelpackagegroup.json
index 53124f0..6df4808 100644
--- a/schema/aws-sagemaker-modelpackagegroup.json
+++ b/schema/aws-sagemaker-modelpackagegroup.json
@@ -146,5 +146,17 @@
"required": [
"ModelPackageGroupName"
],
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "sagemaker:AddTags",
+ "sagemaker:ListTags",
+ "sagemaker:DeleteTags"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
"typeName": "AWS::SageMaker::ModelPackageGroup"
}
diff --git a/schema/aws-sagemaker-modelqualityjobdefinition.json b/schema/aws-sagemaker-modelqualityjobdefinition.json
index 436e332..755e907 100644
--- a/schema/aws-sagemaker-modelqualityjobdefinition.json
+++ b/schema/aws-sagemaker-modelqualityjobdefinition.json
@@ -555,6 +555,7 @@
"sagemaker:CreateModelQualityJobDefinition",
"sagemaker:DescribeModelQualityJobDefinition",
"sagemaker:AddTags",
+ "sagemaker:ListTags",
"iam:PassRole"
]
},
@@ -571,7 +572,8 @@
},
"read": {
"permissions": [
- "sagemaker:DescribeModelQualityJobDefinition"
+ "sagemaker:DescribeModelQualityJobDefinition",
+ "sagemaker:ListTags"
]
}
},
@@ -643,11 +645,19 @@
"JobResources",
"RoleArn"
],
+ "tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "sagemaker:AddTags",
+ "sagemaker:ListTags"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": false,
+ "taggable": true
+ },
"typeName": "AWS::SageMaker::ModelQualityJobDefinition",
"writeOnlyProperties": [
- "/properties/EndpointName",
- "/properties/Tags",
- "/properties/Tags/*/Key",
- "/properties/Tags/*/Value"
+ "/properties/EndpointName"
]
}
diff --git a/schema/aws-sagemaker-partnerapp.json b/schema/aws-sagemaker-partnerapp.json
new file mode 100644
index 0000000..eeb93d8
--- /dev/null
+++ b/schema/aws-sagemaker-partnerapp.json
@@ -0,0 +1,254 @@
+{
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/Name",
+ "/properties/Type",
+ "/properties/ExecutionRoleArn",
+ "/properties/AuthType",
+ "/properties/KmsKeyId"
+ ],
+ "definitions": {
+ "PartnerAppAdminUserList": {
+ "additionalProperties": false,
+ "description": "A collection of AdminUsers for the PartnerApp",
+ "maxLength": 256,
+ "minLength": 1,
+ "type": "string"
+ },
+ "PartnerAppConfig": {
+ "additionalProperties": false,
+ "description": "A collection of configuration settings for the PartnerApp.",
+ "properties": {
+ "AdminUsers": {
+ "description": "A list of users with administrator privileges for the PartnerApp.",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/PartnerAppAdminUserList"
+ },
+ "maxItems": 5,
+ "minItems": 0,
+ "type": "array",
+ "uniqueItems": true
+ },
+ "Arguments": {
+ "additionalProperties": false,
+ "description": "A list of arguments to pass to the PartnerApp.",
+ "maxProperties": 5,
+ "patternProperties": {
+ "^(?!\\s*$).{1,256}$": {
+ "maxLength": 1024,
+ "pattern": "^.{0,1024}$",
+ "type": "string"
+ }
+ },
+ "type": "object"
+ }
+ },
+ "type": "object"
+ },
+ "PartnerAppMaintenanceConfig": {
+ "additionalProperties": false,
+ "description": "A collection of settings that specify the maintenance schedule for the PartnerApp.",
+ "properties": {
+ "MaintenanceWindowStart": {
+ "description": "The maintenance window start day and time for the PartnerApp.",
+ "maxLength": 9,
+ "pattern": "(Mon|Tue|Wed|Thu|Fri|Sat|Sun):([01]\\d|2[0-3]):([0-5]\\d)",
+ "type": "string"
+ }
+ },
+ "required": [
+ "MaintenanceWindowStart"
+ ],
+ "type": "object"
+ },
+ "Tag": {
+ "additionalProperties": false,
+ "properties": {
+ "Key": {
+ "maxLength": 128,
+ "minLength": 1,
+ "type": "string"
+ },
+ "Value": {
+ "maxLength": 128,
+ "minLength": 1,
+ "type": "string"
+ }
+ },
+ "required": [
+ "Key",
+ "Value"
+ ],
+ "type": "object"
+ }
+ },
+ "deprecatedProperties": [
+ "/properties/ClientToken"
+ ],
+ "description": "Resource Type definition for AWS::SageMaker::PartnerApp",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "sagemaker:CreatePartnerApp",
+ "sagemaker:DescribePartnerApp",
+ "sagemaker:AddTags",
+ "sagemaker:ListTags",
+ "iam:PassRole",
+ "kms:CreateGrant",
+ "kms:DescribeKey"
+ ],
+ "timeoutInMinutes": 180
+ },
+ "delete": {
+ "permissions": [
+ "sagemaker:DeletePartnerApp",
+ "sagemaker:DescribePartnerApp",
+ "sagemaker:DeleteTags"
+ ],
+ "timeoutInMinutes": 240
+ },
+ "list": {
+ "permissions": [
+ "sagemaker:ListPartnerApps",
+ "sagemaker:DescribePartnerApp",
+ "sagemaker:ListTags"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "sagemaker:DescribePartnerApp",
+ "sagemaker:ListTags"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "sagemaker:UpdatePartnerApp",
+ "sagemaker:DescribePartnerApp",
+ "sagemaker:AddTags",
+ "sagemaker:ListTags",
+ "sagemaker:DeleteTags",
+ "kms:DescribeKey"
+ ],
+ "timeoutInMinutes": 180
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/Arn"
+ ],
+ "properties": {
+ "ApplicationConfig": {
+ "$ref": "#/definitions/PartnerAppConfig",
+ "description": "A collection of settings that specify the maintenance schedule for the PartnerApp."
+ },
+ "Arn": {
+ "description": "The Amazon Resource Name (ARN) of the created PartnerApp.",
+ "maxLength": 128,
+ "minLength": 1,
+ "pattern": "arn:aws[a-z\\-]*:sagemaker:[a-z0-9\\-]*:[0-9]{12}:partner-app/app-[A-Z0-9]{12}$",
+ "type": "string"
+ },
+ "AuthType": {
+ "description": "The Auth type of PartnerApp.",
+ "enum": [
+ "IAM"
+ ],
+ "type": "string"
+ },
+ "BaseUrl": {
+ "description": "The AppServerUrl based on app and account-info.",
+ "maxLength": 2048,
+ "type": "string"
+ },
+ "ClientToken": {
+ "description": "The client token for the PartnerApp.",
+ "maxLength": 36,
+ "minLength": 1,
+ "pattern": "^[a-zA-Z0-9-]+$",
+ "type": "string"
+ },
+ "EnableIamSessionBasedIdentity": {
+ "description": "Enables IAM Session based Identity for PartnerApp.",
+ "type": "boolean"
+ },
+ "ExecutionRoleArn": {
+ "description": "The execution role for the user.",
+ "maxLength": 2048,
+ "minLength": 20,
+ "pattern": "^arn:aws[a-z\\-]*:iam::\\d{12}:role/?[a-zA-Z_0-9+=,.@\\-_/]+$",
+ "type": "string"
+ },
+ "KmsKeyId": {
+ "description": "The AWS KMS customer managed key used to encrypt the data associated with the PartnerApp.",
+ "maxLength": 2048,
+ "pattern": ".*",
+ "type": "string"
+ },
+ "MaintenanceConfig": {
+ "$ref": "#/definitions/PartnerAppMaintenanceConfig",
+ "description": "A collection of settings that specify the maintenance schedule for the PartnerApp."
+ },
+ "Name": {
+ "description": "A name for the PartnerApp.",
+ "maxLength": 256,
+ "minLength": 1,
+ "pattern": "^[a-zA-Z0-9]+",
+ "type": "string"
+ },
+ "Tags": {
+ "description": "A list of tags to apply to the PartnerApp.",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/Tag"
+ },
+ "maxItems": 50,
+ "minItems": 0,
+ "type": "array",
+ "uniqueItems": false
+ },
+ "Tier": {
+ "description": "The tier of the PartnerApp.",
+ "maxLength": 64,
+ "minLength": 1,
+ "type": "string"
+ },
+ "Type": {
+ "description": "The type of PartnerApp.",
+ "enum": [
+ "lakera-guard",
+ "comet",
+ "deepchecks-llm-evaluation",
+ "fiddler"
+ ],
+ "type": "string"
+ }
+ },
+ "readOnlyProperties": [
+ "/properties/Arn",
+ "/properties/BaseUrl"
+ ],
+ "replacementStrategy": "delete_then_create",
+ "required": [
+ "Name",
+ "Type",
+ "AuthType",
+ "ExecutionRoleArn",
+ "Tier"
+ ],
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "sagemaker:AddTags",
+ "sagemaker:DeleteTags",
+ "sagemaker:ListTags"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
+ "typeName": "AWS::SageMaker::PartnerApp",
+ "writeOnlyProperties": [
+ "/properties/ClientToken"
+ ]
+}
diff --git a/schema/aws-sagemaker-pipeline.json b/schema/aws-sagemaker-pipeline.json
index 4479971..9ac8584 100644
--- a/schema/aws-sagemaker-pipeline.json
+++ b/schema/aws-sagemaker-pipeline.json
@@ -173,5 +173,17 @@
"PipelineDefinition",
"RoleArn"
],
+ "tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "sagemaker:AddTags",
+ "sagemaker:ListTags",
+ "sagemaker:DeleteTags"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
"typeName": "AWS::SageMaker::Pipeline"
}
diff --git a/schema/aws-sagemaker-project.json b/schema/aws-sagemaker-project.json
index 31f8368..00491ba 100644
--- a/schema/aws-sagemaker-project.json
+++ b/schema/aws-sagemaker-project.json
@@ -238,5 +238,17 @@
"ProjectName",
"ServiceCatalogProvisioningDetails"
],
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "sagemaker:AddTags",
+ "sagemaker:ListTags",
+ "sagemaker:DeleteTags"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
"typeName": "AWS::SageMaker::Project"
}
diff --git a/schema/aws-sagemaker-space.json b/schema/aws-sagemaker-space.json
index 6a0e517..dbbd6f4 100644
--- a/schema/aws-sagemaker-space.json
+++ b/schema/aws-sagemaker-space.json
@@ -39,6 +39,9 @@
"properties": {
"EFSFileSystem": {
"$ref": "#/definitions/EFSFileSystem"
+ },
+ "FSxLustreFileSystem": {
+ "$ref": "#/definitions/FSxLustreFileSystem"
}
},
"type": "object"
@@ -109,6 +112,21 @@
],
"type": "object"
},
+ "FSxLustreFileSystem": {
+ "additionalProperties": false,
+ "properties": {
+ "FileSystemId": {
+ "maxLength": 21,
+ "minLength": 11,
+ "pattern": "^(fs-[0-9a-f]{8,})$",
+ "type": "string"
+ }
+ },
+ "required": [
+ "FileSystemId"
+ ],
+ "type": "object"
+ },
"JupyterServerAppSettings": {
"additionalProperties": false,
"description": "The JupyterServer app settings.",
@@ -267,10 +285,22 @@
},
"type": "object"
},
+ "SpaceAppLifecycleManagement": {
+ "additionalProperties": false,
+ "properties": {
+ "IdleSettings": {
+ "$ref": "#/definitions/SpaceIdleSettings"
+ }
+ },
+ "type": "object"
+ },
"SpaceCodeEditorAppSettings": {
"additionalProperties": false,
"description": "The CodeEditor app settings.",
"properties": {
+ "AppLifecycleManagement": {
+ "$ref": "#/definitions/SpaceAppLifecycleManagement"
+ },
"DefaultResourceSpec": {
"$ref": "#/definitions/ResourceSpec"
}
@@ -282,10 +312,25 @@
"minimum": 5,
"type": "integer"
},
+ "SpaceIdleSettings": {
+ "additionalProperties": false,
+ "properties": {
+ "IdleTimeoutInMinutes": {
+ "description": "The space idle timeout value set in minutes",
+ "maximum": 525600,
+ "minimum": 60,
+ "type": "integer"
+ }
+ },
+ "type": "object"
+ },
"SpaceJupyterLabAppSettings": {
"additionalProperties": false,
"description": "The JupyterServer app settings.",
"properties": {
+ "AppLifecycleManagement": {
+ "$ref": "#/definitions/SpaceAppLifecycleManagement"
+ },
"CodeRepositories": {
"description": "A list of CodeRepositories available for use with JupyterLab apps.",
"items": {
@@ -392,29 +437,37 @@
"create": {
"permissions": [
"sagemaker:CreateSpace",
- "sagemaker:DescribeSpace"
+ "sagemaker:DescribeSpace",
+ "sagemaker:ListTags",
+ "sagemaker:AddTags"
]
},
"delete": {
"permissions": [
"sagemaker:DeleteSpace",
- "sagemaker:DescribeSpace"
+ "sagemaker:DescribeSpace",
+ "sagemaker:DeleteTags"
]
},
"list": {
"permissions": [
- "sagemaker:ListSpaces"
+ "sagemaker:ListSpaces",
+ "sagemaker:ListTags"
]
},
"read": {
"permissions": [
- "sagemaker:DescribeSpace"
+ "sagemaker:DescribeSpace",
+ "sagemaker:ListTags"
]
},
"update": {
"permissions": [
"sagemaker:UpdateSpace",
- "sagemaker:DescribeSpace"
+ "sagemaker:DescribeSpace",
+ "sagemaker:AddTags",
+ "sagemaker:DeleteTags",
+ "sagemaker:ListTags"
]
}
},
@@ -484,6 +537,11 @@
],
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "sagemaker:AddTags",
+ "sagemaker:DeleteTags",
+ "sagemaker:ListTags"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
@@ -491,7 +549,6 @@
},
"typeName": "AWS::SageMaker::Space",
"writeOnlyProperties": [
- "/properties/SpaceSettings",
- "/properties/Tags"
+ "/properties/SpaceSettings"
]
}
diff --git a/schema/aws-sagemaker-studiolifecycleconfig.json b/schema/aws-sagemaker-studiolifecycleconfig.json
new file mode 100644
index 0000000..e4ff63e
--- /dev/null
+++ b/schema/aws-sagemaker-studiolifecycleconfig.json
@@ -0,0 +1,130 @@
+{
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/StudioLifecycleConfigAppType",
+ "/properties/StudioLifecycleConfigContent",
+ "/properties/StudioLifecycleConfigName",
+ "/properties/Tags"
+ ],
+ "definitions": {
+ "Tag": {
+ "additionalProperties": false,
+ "properties": {
+ "Key": {
+ "maxLength": 128,
+ "minLength": 1,
+ "type": "string"
+ },
+ "Value": {
+ "maxLength": 128,
+ "minLength": 1,
+ "type": "string"
+ }
+ },
+ "required": [
+ "Key",
+ "Value"
+ ],
+ "type": "object"
+ }
+ },
+ "description": "Resource Type definition for AWS::SageMaker::StudioLifecycleConfig",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "sagemaker:CreateStudioLifecycleConfig",
+ "sagemaker:DescribeStudioLifecycleConfig",
+ "sagemaker:AddTags",
+ "sagemaker:ListTags"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "sagemaker:DeleteStudioLifecycleConfig",
+ "sagemaker:DescribeStudioLifecycleConfig",
+ "sagemaker:DeleteTags",
+ "sagemaker:ListTags"
+ ]
+ },
+ "list": {
+ "permissions": [
+ "sagemaker:ListStudioLifecycleConfigs",
+ "sagemaker:ListTags"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "sagemaker:DescribeStudioLifecycleConfig",
+ "sagemaker:ListTags"
+ ]
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/StudioLifecycleConfigName"
+ ],
+ "properties": {
+ "StudioLifecycleConfigAppType": {
+ "description": "The App type that the Lifecycle Configuration is attached to.",
+ "enum": [
+ "JupyterServer",
+ "KernelGateway",
+ "CodeEditor",
+ "JupyterLab"
+ ],
+ "type": "string"
+ },
+ "StudioLifecycleConfigArn": {
+ "description": "The Amazon Resource Name (ARN) of the Lifecycle Configuration.",
+ "maxLength": 256,
+ "minLength": 1,
+ "pattern": "arn:aws[a-z\\-]*:sagemaker:[a-z0-9\\-]*:[0-9]{12}:studio-lifecycle-config/.*",
+ "type": "string"
+ },
+ "StudioLifecycleConfigContent": {
+ "description": "The content of your Amazon SageMaker Studio Lifecycle Configuration script. This content must be base64 encoded.",
+ "maxLength": 16384,
+ "minLength": 1,
+ "pattern": "[\\S\\s]+",
+ "type": "string"
+ },
+ "StudioLifecycleConfigName": {
+ "description": "The name of the Amazon SageMaker Studio Lifecycle Configuration.",
+ "maxLength": 63,
+ "minLength": 1,
+ "pattern": "^[a-zA-Z0-9](-*[a-zA-Z0-9]){0,62}",
+ "type": "string"
+ },
+ "Tags": {
+ "description": "Tags to be associated with the Lifecycle Configuration. Each tag consists of a key and an optional value. Tag keys must be unique per resource. Tags are searchable using the Search API.",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/Tag"
+ },
+ "maxItems": 50,
+ "minItems": 0,
+ "type": "array",
+ "uniqueItems": false
+ }
+ },
+ "readOnlyProperties": [
+ "/properties/StudioLifecycleConfigArn"
+ ],
+ "required": [
+ "StudioLifecycleConfigAppType",
+ "StudioLifecycleConfigContent",
+ "StudioLifecycleConfigName"
+ ],
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "sagemaker:AddTags",
+ "sagemaker:ListTags",
+ "sagemaker:DeleteTags"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": false,
+ "taggable": true
+ },
+ "typeName": "AWS::SageMaker::StudioLifecycleConfig"
+}
diff --git a/schema/aws-sagemaker-userprofile.json b/schema/aws-sagemaker-userprofile.json
index 8ad8c3f..2589ffc 100644
--- a/schema/aws-sagemaker-userprofile.json
+++ b/schema/aws-sagemaker-userprofile.json
@@ -10,6 +10,15 @@
"/properties/Tags"
],
"definitions": {
+ "AppLifecycleManagement": {
+ "additionalProperties": false,
+ "properties": {
+ "IdleSettings": {
+ "$ref": "#/definitions/IdleSettings"
+ }
+ },
+ "type": "object"
+ },
"AppType": {
"enum": [
"JupyterServer",
@@ -26,12 +35,15 @@
"additionalProperties": false,
"description": "The CodeEditor app settings.",
"properties": {
+ "AppLifecycleManagement": {
+ "$ref": "#/definitions/AppLifecycleManagement"
+ },
"CustomImages": {
"description": "A list of custom images for use for CodeEditor apps.",
"items": {
"$ref": "#/definitions/CustomImage"
},
- "maxItems": 30,
+ "maxItems": 200,
"minItems": 0,
"type": "array",
"uniqueItems": false
@@ -73,6 +85,9 @@
"properties": {
"EFSFileSystemConfig": {
"$ref": "#/definitions/EFSFileSystemConfig"
+ },
+ "FSxLustreFileSystemConfig": {
+ "$ref": "#/definitions/FSxLustreFileSystemConfig"
}
},
"type": "object"
@@ -175,10 +190,58 @@
],
"type": "object"
},
+ "FSxLustreFileSystemConfig": {
+ "additionalProperties": false,
+ "properties": {
+ "FileSystemId": {
+ "maxLength": 21,
+ "minLength": 11,
+ "pattern": "^(fs-[0-9a-f]{8,})$",
+ "type": "string"
+ },
+ "FileSystemPath": {
+ "maxLength": 256,
+ "minLength": 1,
+ "pattern": "^\\/\\S*$",
+ "type": "string"
+ }
+ },
+ "required": [
+ "FileSystemId"
+ ],
+ "type": "object"
+ },
+ "IdleSettings": {
+ "additionalProperties": false,
+ "properties": {
+ "IdleTimeoutInMinutes": {
+ "$ref": "#/definitions/IdleTimeoutInMinutes"
+ },
+ "LifecycleManagement": {
+ "$ref": "#/definitions/LifecycleManagement"
+ },
+ "MaxIdleTimeoutInMinutes": {
+ "$ref": "#/definitions/MaxIdleTimeoutInMinutes"
+ },
+ "MinIdleTimeoutInMinutes": {
+ "$ref": "#/definitions/MinIdleTimeoutInMinutes"
+ }
+ },
+ "type": "object"
+ },
+ "IdleTimeoutInMinutes": {
+ "description": "The idle timeout value set in minutes",
+ "maximum": 525600,
+ "minimum": 60,
+ "type": "integer"
+ },
"JupyterLabAppSettings": {
"additionalProperties": false,
"description": "The JupyterLab app settings.",
"properties": {
+ "AppLifecycleManagement": {
+ "$ref": "#/definitions/AppLifecycleManagement"
+ },
"CodeRepositories": {
"description": "A list of CodeRepositories available for use with JupyterLab apps.",
"items": {
@@ -194,7 +257,7 @@
"items": {
"$ref": "#/definitions/CustomImage"
},
- "maxItems": 30,
+ "maxItems": 200,
"minItems": 0,
"type": "array",
"uniqueItems": false
@@ -267,12 +330,32 @@
},
"type": "object"
},
+ "LifecycleManagement": {
+ "description": "A flag to enable/disable AppLifecycleManagement settings",
+ "enum": [
+ "ENABLED",
+ "DISABLED"
+ ],
+ "type": "string"
+ },
+ "MaxIdleTimeoutInMinutes": {
+ "description": "The maximum idle timeout value set in minutes",
+ "maximum": 525600,
+ "minimum": 60,
+ "type": "integer"
+ },
+ "MinIdleTimeoutInMinutes": {
+ "description": "The minimum idle timeout value set in minutes",
+ "maximum": 525600,
+ "minimum": 60,
+ "type": "integer"
+ },
"MlTools": {
"enum": [
"DataWrangler",
"FeatureStore",
"EmrClusters",
- "AutoML",
+ "AutoMl",
"Experiments",
"Training",
"ModelEvaluation",
@@ -281,7 +364,14 @@
"JumpStart",
"InferenceRecommender",
"Endpoints",
- "Projects"
+ "Projects",
+ "InferenceOptimization",
+ "HyperPodClusters",
+ "Comet",
+ "DeepchecksLLMEvaluation",
+ "Fiddler",
+ "LakeraGuard",
+ "PerformanceEvaluation"
],
"type": "string"
},
diff --git a/schema/aws-scheduler-schedule.json b/schema/aws-scheduler-schedule.json
index 64ce92a..368e379 100644
--- a/schema/aws-scheduler-schedule.json
+++ b/schema/aws-scheduler-schedule.json
@@ -89,7 +89,7 @@
"description": "The ARN of the SQS queue specified as the target for the dead-letter queue.",
"maxLength": 1600,
"minLength": 1,
- "pattern": "^arn:aws(-[a-z]+)?:sqs:[a-z0-9\\-]+:\\d{12}:[a-zA-Z0-9\\-_]+$",
+ "pattern": "^arn:aws[a-z-]*:sqs:[a-z0-9\\-]+:\\d{12}:[a-zA-Z0-9\\-_]+$",
"type": "string"
}
},
@@ -454,7 +454,7 @@
"description": "The Amazon Resource Name (ARN) of the IAM role to be used for this target when the schedule is triggered.",
"maxLength": 1600,
"minLength": 1,
- "pattern": "^arn:aws(-[a-z]+)?:iam::\\d{12}:role\\/[\\w+=,.@\\/-]+$",
+ "pattern": "^arn:aws[a-z-]*:iam::\\d{12}:role\\/[\\w+=,.@\\/-]+$",
"type": "string"
},
"SageMakerPipelineParameters": {
@@ -512,7 +512,7 @@
"description": "The Amazon Resource Name (ARN) of the schedule.",
"maxLength": 1224,
"minLength": 1,
- "pattern": "^arn:aws(-[a-z]+)?:scheduler:[a-z0-9\\-]+:\\d{12}:schedule\\/[0-9a-zA-Z-_.]+\\/[0-9a-zA-Z-_.]+$",
+ "pattern": "^arn:aws[a-z-]*:scheduler:[a-z0-9\\-]+:\\d{12}:schedule\\/[0-9a-zA-Z-_.]+\\/[0-9a-zA-Z-_.]+$",
"type": "string"
},
"Description": {
@@ -540,7 +540,7 @@
"description": "The ARN for a KMS Key that will be used to encrypt customer data.",
"maxLength": 2048,
"minLength": 1,
- "pattern": "^arn:aws(-[a-z]+)?:kms:[a-z0-9\\-]+:\\d{12}:(key|alias)\\/[0-9a-zA-Z-_]*$",
+ "pattern": "^arn:aws[a-z-]*:kms:[a-z0-9\\-]+:\\d{12}:(key|alias)\\/[0-9a-zA-Z-_]*$",
"type": "string"
},
"Name": {
diff --git a/schema/aws-scheduler-schedulegroup.json b/schema/aws-scheduler-schedulegroup.json
index 5f811a5..697f23d 100644
--- a/schema/aws-scheduler-schedulegroup.json
+++ b/schema/aws-scheduler-schedulegroup.json
@@ -81,7 +81,7 @@
"description": "The Amazon Resource Name (ARN) of the schedule group.",
"maxLength": 1224,
"minLength": 1,
- "pattern": "^arn:aws(-[a-z]+)?:scheduler:[a-z0-9\\-]+:\\d{12}:schedule-group\\/[0-9a-zA-Z-_.]+$",
+ "pattern": "^arn:aws[a-z-]*:scheduler:[a-z0-9\\-]+:\\d{12}:schedule-group\\/[0-9a-zA-Z-_.]+$",
"type": "string"
},
"CreationDate": {
@@ -122,6 +122,11 @@
],
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "scheduler:UntagResource",
+ "scheduler:ListTagsForResource",
+ "scheduler:TagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-secretsmanager-rotationschedule.json b/schema/aws-secretsmanager-rotationschedule.json
index b5a7e3f..ba7d8b5 100644
--- a/schema/aws-secretsmanager-rotationschedule.json
+++ b/schema/aws-secretsmanager-rotationschedule.json
@@ -8,36 +8,47 @@
"additionalProperties": false,
"properties": {
"ExcludeCharacters": {
+ "description": "A string of the characters that you don't want in the password.",
"type": "string"
},
"KmsKeyArn": {
+ "description": "The ARN of the KMS key that Secrets Manager uses to encrypt the secret. If you don't specify this value, then Secrets Manager uses the key aws/secretsmanager. If aws/secretsmanager doesn't yet exist, then Secrets Manager creates it for you automatically the first time it encrypts the secret value.",
"type": "string"
},
"MasterSecretArn": {
+ "description": "The ARN of the secret that contains superuser credentials, if you use the alternating users rotation strategy. CloudFormation grants the execution role for the Lambda rotation function GetSecretValue permission to the secret in this property.",
"type": "string"
},
"MasterSecretKmsKeyArn": {
+ "description": "The ARN of the KMS key that Secrets Manager used to encrypt the superuser secret, if you use the alternating users strategy and the superuser secret is encrypted with a customer managed key. You don't need to specify this property if the superuser secret is encrypted using the key aws/secretsmanager. CloudFormation grants the execution role for the Lambda rotation function Decrypt, DescribeKey, and GenerateDataKey permission to the key in this property.",
"type": "string"
},
"RotationLambdaName": {
+ "description": "The name of the Lambda rotation function.",
"type": "string"
},
"RotationType": {
+ "description": "The type of rotation template to use",
"type": "string"
},
"Runtime": {
+ "description": "The python runtime associated with the Lambda function",
"type": "string"
},
"SuperuserSecretArn": {
+ "description": "The ARN of the secret that contains superuser credentials, if you use the alternating users rotation strategy. CloudFormation grants the execution role for the Lambda rotation function GetSecretValue permission to the secret in this property.",
"type": "string"
},
"SuperuserSecretKmsKeyArn": {
+ "description": "The ARN of the KMS key that Secrets Manager used to encrypt the superuser secret, if you use the alternating users strategy and the superuser secret is encrypted with a customer managed key. You don't need to specify this property if the superuser secret is encrypted using the key aws/secretsmanager. CloudFormation grants the execution role for the Lambda rotation function Decrypt, DescribeKey, and GenerateDataKey permission to the key in this property.",
"type": "string"
},
"VpcSecurityGroupIds": {
+ "description": "A comma-separated list of security group IDs applied to the target database.",
"type": "string"
},
"VpcSubnetIds": {
+ "description": "A comma separated list of VPC subnet IDs of the target database network. The Lambda rotation function is in the same subnet group.",
"type": "string"
}
},
@@ -50,12 +61,15 @@
"additionalProperties": false,
"properties": {
"AutomaticallyAfterDays": {
+ "description": "The number of days between automatic scheduled rotations of the secret. You can use this value to check that your secret meets your compliance guidelines for how often secrets must be rotated.",
"type": "integer"
},
"Duration": {
+ "description": "The length of the rotation window in hours, for example 3h for a three hour window. Secrets Manager rotates your secret at any time during this window. The window must not extend into the next rotation window or the next UTC day. The window starts according to the ScheduleExpression. If you don't specify a Duration, for a ScheduleExpression in hours, the window automatically closes after one hour. For a ScheduleExpression in days, the window automatically closes at the end of the UTC day.",
"type": "string"
},
"ScheduleExpression": {
+ "description": "A cron() or rate() expression that defines the schedule for rotating your secret. Secrets Manager rotation schedules use UTC time zone.",
"type": "string"
}
},
@@ -63,26 +77,65 @@
}
},
"description": "Resource Type definition for AWS::SecretsManager::RotationSchedule",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "secretsmanager:RotateSecret",
+ "secretsmanager:DescribeSecret",
+ "lambda:InvokeFunction"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "secretsmanager:CancelRotateSecret",
+ "secretsmanager:DescribeSecret"
+ ]
+ },
+ "list": {
+ "permissions": [
+ "secretsmanager:DescribeSecret",
+ "secretsmanager:ListSecrets"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "secretsmanager:DescribeSecret"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "secretsmanager:RotateSecret",
+ "secretsmanager:DescribeSecret",
+ "lambda:InvokeFunction"
+ ]
+ }
+ },
"primaryIdentifier": [
"/properties/Id"
],
"properties": {
"HostedRotationLambda": {
- "$ref": "#/definitions/HostedRotationLambda"
+ "$ref": "#/definitions/HostedRotationLambda",
+ "description": "Creates a new Lambda rotation function based on one of the Secrets Manager rotation function templates. To use a rotation function that already exists, specify RotationLambdaARN instead."
},
"Id": {
+ "description": "The ARN of the secret.",
"type": "string"
},
"RotateImmediatelyOnUpdate": {
+ "description": "Specifies whether to rotate the secret immediately or wait until the next scheduled rotation window.",
"type": "boolean"
},
"RotationLambdaARN": {
+ "description": "The ARN of an existing Lambda rotation function. To specify a rotation function that is also defined in this template, use the Ref function.",
"type": "string"
},
"RotationRules": {
- "$ref": "#/definitions/RotationRules"
+ "$ref": "#/definitions/RotationRules",
+ "description": "A structure that defines the rotation configuration for this secret."
},
"SecretId": {
+ "description": "The ARN or name of the secret to rotate.",
"type": "string"
}
},
@@ -92,5 +145,24 @@
"required": [
"SecretId"
],
- "typeName": "AWS::SecretsManager::RotationSchedule"
+ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-secretsmanager",
+ "tagging": {
+ "taggable": false
+ },
+ "typeName": "AWS::SecretsManager::RotationSchedule",
+ "writeOnlyProperties": [
+ "/properties/RotateImmediatelyOnUpdate",
+ "/properties/HostedRotationLambda",
+ "/properties/HostedRotationLambda/ExcludeCharacters",
+ "/properties/HostedRotationLambda/KmsKeyArn",
+ "/properties/HostedRotationLambda/MasterSecretArn",
+ "/properties/HostedRotationLambda/MasterSecretKmsKeyArn",
+ "/properties/HostedRotationLambda/RotationLambdaName",
+ "/properties/HostedRotationLambda/RotationType",
+ "/properties/HostedRotationLambda/Runtime",
+ "/properties/HostedRotationLambda/SuperuserSecretArn",
+ "/properties/HostedRotationLambda/SuperuserSecretKmsKeyArn",
+ "/properties/HostedRotationLambda/VpcSecurityGroupIds",
+ "/properties/HostedRotationLambda/VpcSubnetIds"
+ ]
}
diff --git a/schema/aws-secretsmanager-secret.json b/schema/aws-secretsmanager-secret.json
index c499d9b..03cb5c5 100644
--- a/schema/aws-secretsmanager-secret.json
+++ b/schema/aws-secretsmanager-secret.json
@@ -1,4 +1,5 @@
{
+ "$comment": "If you make any changes to this schema, be sure to also modify the regional schema template that generates schemas for contract tests: secret/templates/{region.region_name}_schema.json.erb",
"$schema": "https://schema.cloudformation.us-east-1.amazonaws.com/provider.definition.schema.v1.json",
"additionalProperties": false,
"createOnlyProperties": [
@@ -90,7 +91,7 @@
"type": "object"
}
},
- "description": "Creates a new secret. A *secret* can be a password, a set of credentials such as a user name and password, an OAuth token, or other secret information that you store in an encrypted form in Secrets Manager.\n For RDS master user credentials, see [AWS::RDS::DBCluster MasterUserSecret](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbcluster-masterusersecret.html).\n To retrieve a secret in a CFNshort template, use a *dynamic reference*. For more information, see [Retrieve a secret in an resource](https://docs.aws.amazon.com/secretsmanager/latest/userguide/cfn-example_reference-secret.html).\n A common scenario is to first create a secret with ``GenerateSecretString``, which generates a password, and then use a dynamic reference to retrieve the username and password from the secret to use as credentials for a new database. See the example *Creating a Redshift cluster and a secret for the admin credentials*.\n For information about creating a secret in the console, see [Create a secret](https://docs.aws.amazon.com/secretsmanager/latest/userguide/manage_create-basic-secret.html). For information about creating a secret using the CLI or SDK, see [CreateSecret](https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_CreateSecret.html).\n For information about retrieving a secret in code, see [Retrieve secrets from Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieving-secrets.html).",
+ "description": "Creates a new secret. A *secret* can be a password, a set of credentials such as a user name and password, an OAuth token, or other secret information that you store in an encrypted form in Secrets Manager.\n For RDS master user credentials, see [AWS::RDS::DBCluster MasterUserSecret](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbcluster-masterusersecret.html).\n For RS admin user credentials, see [AWS::Redshift::Cluster](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-redshift-cluster.html).\n To retrieve a secret in a CFNshort template, use a *dynamic reference*. For more information, see [Retrieve a secret in an resource](https://docs.aws.amazon.com/secretsmanager/latest/userguide/cfn-example_reference-secret.html).\n For information about creating a secret in the console, see [Create a secret](https://docs.aws.amazon.com/secretsmanager/latest/userguide/manage_create-basic-secret.html). For information about creating a secret using the CLI or SDK, see [CreateSecret](https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_CreateSecret.html).\n For information about retrieving a secret in code, see [Retrieve secrets from Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieving-secrets.html).",
"handlers": {
"create": {
"permissions": [
@@ -184,6 +185,10 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-secretsmanager.git",
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "secretsmanager:UntagResource",
+ "secretsmanager:TagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-secretsmanager-secrettargetattachment.json b/schema/aws-secretsmanager-secrettargetattachment.json
index 46cfe60..52f5f7e 100644
--- a/schema/aws-secretsmanager-secrettargetattachment.json
+++ b/schema/aws-secretsmanager-secrettargetattachment.json
@@ -1,6 +1,53 @@
{
+ "$schema": "https://raw.githubusercontent.com/aws-cloudformation/cloudformation-resource-schema/blob/master/src/main/resources/schema/provider.definition.schema.v1.json",
"additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/SecretId"
+ ],
"description": "Resource Type definition for AWS::SecretsManager::SecretTargetAttachment",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "secretsmanager:GetSecretValue",
+ "secretsmanager:PutSecretValue",
+ "rds:DescribeDBInstances",
+ "redshift:DescribeClusters",
+ "rds:DescribeDBClusters",
+ "docdb-elastic:GetCluster",
+ "redshift-serverless:ListWorkgroups",
+ "redshift-serverless:GetNamespace"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "secretsmanager:GetSecretValue",
+ "secretsmanager:PutSecretValue"
+ ]
+ },
+ "list": {
+ "permissions": [
+ "secretsmanager:GetSecretValue",
+ "secretsmanager:ListSecrets"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "secretsmanager:GetSecretValue"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "secretsmanager:GetSecretValue",
+ "secretsmanager:PutSecretValue",
+ "rds:DescribeDBInstances",
+ "redshift:DescribeClusters",
+ "rds:DescribeDBClusters",
+ "docdb-elastic:GetCluster",
+ "redshift-serverless:ListWorkgroups",
+ "redshift-serverless:GetNamespace"
+ ]
+ }
+ },
"primaryIdentifier": [
"/properties/Id"
],
@@ -26,5 +73,8 @@
"TargetId",
"SecretId"
],
+ "tagging": {
+ "taggable": false
+ },
"typeName": "AWS::SecretsManager::SecretTargetAttachment"
}
diff --git a/schema/aws-securityhub-automationrule.json b/schema/aws-securityhub-automationrule.json
index faddc15..6693a45 100644
--- a/schema/aws-securityhub-automationrule.json
+++ b/schema/aws-securityhub-automationrule.json
@@ -2,14 +2,14 @@
"additionalProperties": false,
"definitions": {
"AutomationRulesAction": {
- "description": "",
+ "description": "One or more actions that ASHlong takes when a finding matches the defined criteria of a rule.",
"properties": {
"FindingFieldsUpdate": {
"$ref": "#/definitions/AutomationRulesFindingFieldsUpdate",
- "description": ""
+ "description": "Specifies that the automation rule action is an update to a finding field."
},
"Type": {
- "description": "",
+ "description": "Specifies the type of action that Security Hub takes when a finding matches the defined criteria of a rule.",
"enum": [
"FINDING_FIELDS_UPDATE"
],
@@ -23,15 +23,15 @@
"type": "object"
},
"AutomationRulesFindingFieldsUpdate": {
- "description": "The rule action will update the ``Note`` field of a finding.",
+ "description": "Identifies the finding fields that the automation rule action updates when a finding matches the defined criteria.",
"properties": {
"Confidence": {
"$ref": "#/definitions/int100",
- "description": ""
+ "description": "The rule action updates the ``Confidence`` field of a finding."
},
"Criticality": {
"$ref": "#/definitions/int100",
- "description": ""
+ "description": "The rule action updates the ``Criticality`` field of a finding."
},
"Note": {
"$ref": "#/definitions/NoteUpdate",
@@ -53,7 +53,7 @@
"type": "object"
},
"Types": {
- "description": "",
+ "description": "The rule action updates the ``Types`` field of a finding.",
"items": {
"pattern": "^([^/]+)(/[^/]+){0,2}$",
"type": "string"
@@ -64,10 +64,10 @@
},
"UserDefinedFields": {
"$ref": "#/definitions/map",
- "description": ""
+ "description": "The rule action updates the ``UserDefinedFields`` field of a finding."
},
"VerificationState": {
- "description": "",
+ "description": "The rule action updates the ``VerificationState`` field of a finding.",
"enum": [
"UNKNOWN",
"TRUE_POSITIVE",
@@ -86,10 +86,10 @@
},
"AutomationRulesFindingFilters": {
"additionalProperties": false,
- "description": "",
+ "description": "The criteria that determine which findings a rule applies to.",
"properties": {
"AwsAccountId": {
- "description": "",
+ "description": "The AWS-account ID in which a finding was generated.\n Array Members: Minimum number of 1 item. Maximum number of 100 items.",
"items": {
"$ref": "#/definitions/StringFilter"
},
@@ -97,7 +97,7 @@
"type": "array"
},
"CompanyName": {
- "description": "",
+ "description": "The name of the company for the product that generated the finding. For control-based findings, the company is AWS. \n Array Members: Minimum number of 1 item. Maximum number of 20 items.",
"items": {
"$ref": "#/definitions/StringFilter"
},
@@ -105,7 +105,7 @@
"type": "array"
},
"ComplianceAssociatedStandardsId": {
- "description": "",
+ "description": "The unique identifier of a standard in which a control is enabled. This field consists of the resource portion of the Amazon Resource Name (ARN) returned for a standard in the [DescribeStandards](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeStandards.html) API response.\n Array Members: Minimum number of 1 item. Maximum number of 20 items.",
"items": {
"$ref": "#/definitions/StringFilter"
},
@@ -113,7 +113,7 @@
"type": "array"
},
"ComplianceSecurityControlId": {
- "description": "",
+ "description": "The security control ID for which a finding was generated. Security control IDs are the same across standards.\n Array Members: Minimum number of 1 item. Maximum number of 20 items.",
"items": {
"$ref": "#/definitions/StringFilter"
},
@@ -121,7 +121,7 @@
"type": "array"
},
"ComplianceStatus": {
- "description": "",
+ "description": "The result of a security check. This field is only used for findings generated from controls. \n Array Members: Minimum number of 1 item. Maximum number of 20 items.",
"items": {
"$ref": "#/definitions/StringFilter"
},
@@ -129,7 +129,7 @@
"type": "array"
},
"Confidence": {
- "description": "",
+ "description": "The likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. ``Confidence`` is scored on a 0\u2013100 basis using a ratio scale. A value of ``0`` means 0 percent confidence, and a value of ``100`` means 100 percent confidence. For example, a data exfiltration detection based on a statistical deviation of network traffic has low confidence because an actual exfiltration hasn't been verified. For more information, see [Confidence](https://docs.aws.amazon.com/securityhub/latest/userguide/asff-top-level-attributes.html#asff-confidence) in the *User Guide*.\n Array Members: Minimum number of 1 item. Maximum number of 20 items.",
"items": {
"$ref": "#/definitions/NumberFilter"
},
@@ -137,7 +137,7 @@
"type": "array"
},
"CreatedAt": {
- "description": "",
+ "description": "A timestamp that indicates when this finding record was created. \n For more information about the validation and formatting of timestamp fields in ASHlong, see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps).\n Array Members: Minimum number of 1 item. Maximum number of 20 items.",
"items": {
"$ref": "#/definitions/DateFilter"
},
@@ -145,7 +145,7 @@
"type": "array"
},
"Criticality": {
- "description": "",
+ "description": "The level of importance that is assigned to the resources that are associated with a finding. ``Criticality`` is scored on a 0\u2013100 basis, using a ratio scale that supports only full integers. A score of ``0`` means that the underlying resources have no criticality, and a score of ``100`` is reserved for the most critical resources. For more information, see [Criticality](https://docs.aws.amazon.com/securityhub/latest/userguide/asff-top-level-attributes.html#asff-criticality) in the *User Guide*.\n Array Members: Minimum number of 1 item. Maximum number of 20 items.",
"items": {
"$ref": "#/definitions/NumberFilter"
},
@@ -153,7 +153,7 @@
"type": "array"
},
"Description": {
- "description": "",
+ "description": "A finding's description. \n Array Members: Minimum number of 1 item. Maximum number of 20 items.",
"items": {
"$ref": "#/definitions/StringFilter"
},
@@ -161,7 +161,7 @@
"type": "array"
},
"FirstObservedAt": {
- "description": "",
+ "description": "A timestamp that indicates when the potential security issue captured by a finding was first observed by the security findings product. \n For more information about the validation and formatting of timestamp fields in ASHlong, see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps).\n Array Members: Minimum number of 1 item. Maximum number of 20 items.",
"items": {
"$ref": "#/definitions/DateFilter"
},
@@ -169,7 +169,7 @@
"type": "array"
},
"GeneratorId": {
- "description": "",
+ "description": "The identifier for the solution-specific component that generated a finding. \n Array Members: Minimum number of 1 item. Maximum number of 100 items.",
"items": {
"$ref": "#/definitions/StringFilter"
},
@@ -177,7 +177,7 @@
"type": "array"
},
"Id": {
- "description": "",
+ "description": "The product-specific identifier for a finding. \n Array Members: Minimum number of 1 item. Maximum number of 20 items.",
"items": {
"$ref": "#/definitions/StringFilter"
},
@@ -185,7 +185,7 @@
"type": "array"
},
"LastObservedAt": {
- "description": "",
+ "description": "A timestamp that indicates when the security findings provider most recently observed a change in the resource that is involved in the finding. \n For more information about the validation and formatting of timestamp fields in ASHlong, see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps).\n Array Members: Minimum number of 1 item. Maximum number of 20 items.",
"items": {
"$ref": "#/definitions/DateFilter"
},
@@ -193,7 +193,7 @@
"type": "array"
},
"NoteText": {
- "description": "",
+ "description": "The text of a user-defined note that's added to a finding. \n Array Members: Minimum number of 1 item. Maximum number of 20 items.",
"items": {
"$ref": "#/definitions/StringFilter"
},
@@ -201,7 +201,7 @@
"type": "array"
},
"NoteUpdatedAt": {
- "description": "",
+ "description": "The timestamp of when the note was updated.\n For more information about the validation and formatting of timestamp fields in ASHlong, see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps).\n Array Members: Minimum number of 1 item. Maximum number of 20 items.",
"items": {
"$ref": "#/definitions/DateFilter"
},
@@ -209,7 +209,7 @@
"type": "array"
},
"NoteUpdatedBy": {
- "description": "",
+ "description": "The principal that created a note. \n Array Members: Minimum number of 1 item. Maximum number of 20 items.",
"items": {
"$ref": "#/definitions/StringFilter"
},
@@ -217,7 +217,7 @@
"type": "array"
},
"ProductArn": {
- "description": "",
+ "description": "The Amazon Resource Name (ARN) for a third-party product that generated a finding in Security Hub. \n Array Members: Minimum number of 1 item. Maximum number of 20 items.",
"items": {
"$ref": "#/definitions/StringFilter"
},
@@ -225,7 +225,7 @@
"type": "array"
},
"ProductName": {
- "description": "",
+ "description": "Provides the name of the product that generated the finding. For control-based findings, the product name is Security Hub. \n Array Members: Minimum number of 1 item. Maximum number of 20 items.",
"items": {
"$ref": "#/definitions/StringFilter"
},
@@ -233,7 +233,7 @@
"type": "array"
},
"RecordState": {
- "description": "",
+ "description": "Provides the current state of a finding. \n Array Members: Minimum number of 1 item. Maximum number of 20 items.",
"items": {
"$ref": "#/definitions/StringFilter"
},
@@ -241,7 +241,7 @@
"type": "array"
},
"RelatedFindingsId": {
- "description": "",
+ "description": "The product-generated identifier for a related finding. \n Array Members: Minimum number of 1 item. Maximum number of 20 items.",
"items": {
"$ref": "#/definitions/StringFilter"
},
@@ -249,7 +249,7 @@
"type": "array"
},
"RelatedFindingsProductArn": {
- "description": "",
+ "description": "The ARN for the product that generated a related finding. \n Array Members: Minimum number of 1 item. Maximum number of 20 items.",
"items": {
"$ref": "#/definitions/StringFilter"
},
@@ -257,7 +257,7 @@
"type": "array"
},
"ResourceDetailsOther": {
- "description": "",
+ "description": "Custom fields and values about the resource that a finding pertains to. \n Array Members: Minimum number of 1 item. Maximum number of 20 items.",
"items": {
"$ref": "#/definitions/MapFilter"
},
@@ -265,7 +265,7 @@
"type": "array"
},
"ResourceId": {
- "description": "",
+ "description": "The identifier for the given resource type. For AWS resources that are identified by Amazon Resource Names (ARNs), this is the ARN. For AWS resources that lack ARNs, this is the identifier as defined by the AWS-service that created the resource. For non-AWS resources, this is a unique identifier that is associated with the resource. \n Array Members: Minimum number of 1 item. Maximum number of 100 items.",
"items": {
"$ref": "#/definitions/StringFilter"
},
@@ -273,7 +273,7 @@
"type": "array"
},
"ResourcePartition": {
- "description": "",
+ "description": "The partition in which the resource that the finding pertains to is located. A partition is a group of AWS-Regions. Each AWS-account is scoped to one partition. \n Array Members: Minimum number of 1 item. Maximum number of 20 items.",
"items": {
"$ref": "#/definitions/StringFilter"
},
@@ -281,7 +281,7 @@
"type": "array"
},
"ResourceRegion": {
- "description": "",
+ "description": "The AWS-Region where the resource that a finding pertains to is located. \n Array Members: Minimum number of 1 item. Maximum number of 20 items.",
"items": {
"$ref": "#/definitions/StringFilter"
},
@@ -289,7 +289,7 @@
"type": "array"
},
"ResourceTags": {
- "description": "",
+ "description": "A list of AWS tags associated with a resource at the time the finding was processed. \n Array Members: Minimum number of 1 item. Maximum number of 20 items.",
"items": {
"$ref": "#/definitions/MapFilter"
},
@@ -297,7 +297,7 @@
"type": "array"
},
"ResourceType": {
- "description": "",
+ "description": "A finding's title. \n Array Members: Minimum number of 1 item. Maximum number of 100 items.",
"items": {
"$ref": "#/definitions/StringFilter"
},
@@ -305,7 +305,7 @@
"type": "array"
},
"SeverityLabel": {
- "description": "",
+ "description": "The severity value of the finding. \n Array Members: Minimum number of 1 item. Maximum number of 20 items.",
"items": {
"$ref": "#/definitions/StringFilter"
},
@@ -313,7 +313,7 @@
"type": "array"
},
"SourceUrl": {
- "description": "",
+ "description": "Provides a URL that links to a page about the current finding in the finding product. \n Array Members: Minimum number of 1 item. Maximum number of 20 items.",
"items": {
"$ref": "#/definitions/StringFilter"
},
@@ -321,7 +321,7 @@
"type": "array"
},
"Title": {
- "description": "",
+ "description": "A finding's title. \n Array Members: Minimum number of 1 item. Maximum number of 100 items.",
"items": {
"$ref": "#/definitions/StringFilter"
},
@@ -329,7 +329,7 @@
"type": "array"
},
"Type": {
- "description": "",
+ "description": "One or more finding types in the format of namespace/category/classifier that classify a finding. For a list of namespaces, classifiers, and categories, see [Types taxonomy for ASFF](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format-type-taxonomy.html) in the *User Guide*.\n Array Members: Minimum number of 1 item. Maximum number of 20 items.",
"items": {
"$ref": "#/definitions/StringFilter"
},
@@ -337,7 +337,7 @@
"type": "array"
},
"UpdatedAt": {
- "description": "",
+ "description": "A timestamp that indicates when the finding record was most recently updated. \n For more information about the validation and formatting of timestamp fields in ASHlong, see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps).\n Array Members: Minimum number of 1 item. Maximum number of 20 items.",
"items": {
"$ref": "#/definitions/DateFilter"
},
@@ -345,7 +345,7 @@
"type": "array"
},
"UserDefinedFields": {
- "description": "",
+ "description": "A list of user-defined name and value string pairs added to a finding. \n Array Members: Minimum number of 1 item. Maximum number of 20 items.",
"items": {
"$ref": "#/definitions/MapFilter"
},
@@ -353,7 +353,7 @@
"type": "array"
},
"VerificationState": {
- "description": "",
+ "description": "Provides the veracity of a finding. \n Array Members: Minimum number of 1 item. Maximum number of 20 items.",
"items": {
"$ref": "#/definitions/StringFilter"
},
@@ -361,7 +361,7 @@
"type": "array"
},
"WorkflowStatus": {
- "description": "",
+ "description": "Provides information about the status of the investigation into a finding. \n Array Members: Minimum number of 1 item. Maximum number of 20 items.",
"items": {
"$ref": "#/definitions/StringFilter"
},
@@ -387,7 +387,7 @@
},
"DateFilter": {
"additionalProperties": false,
- "description": "",
+ "description": "A date filter for querying findings.",
"oneOf": [
{
"required": [
@@ -412,32 +412,32 @@
"properties": {
"DateRange": {
"$ref": "#/definitions/DateRange",
- "description": ""
+ "description": "A date range for the date filter."
},
"End": {
"$ref": "#/definitions/ISO8601DateString",
- "description": ""
+ "description": "A timestamp that provides the end date for the date filter.\n For more information about the validation and formatting of timestamp fields in ASHlong, see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps)."
},
"Start": {
"$ref": "#/definitions/ISO8601DateString",
- "description": ""
+ "description": "A timestamp that provides the start date for the date filter.\n For more information about the validation and formatting of timestamp fields in ASHlong, see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps)."
}
},
"type": "object"
},
"DateRange": {
"additionalProperties": false,
- "description": "",
+ "description": "A date range for the date filter.",
"properties": {
"Unit": {
- "description": "",
+ "description": "A date range unit for the date filter.",
"enum": [
"DAYS"
],
"type": "string"
},
"Value": {
- "description": "",
+ "description": "A date range value for the date filter.",
"type": "number"
}
},
@@ -454,10 +454,10 @@
},
"MapFilter": {
"additionalProperties": false,
- "description": "",
+ "description": "A map filter for filtering ASHlong findings. Each map filter provides the field to check for, the value to check for, and the comparison operator.",
"properties": {
"Comparison": {
- "description": "",
+ "description": "The condition to apply to the key value when filtering Security Hub findings with a map filter.\n To search for values that have the filter value, use one of the following comparison operators:\n + To search for values that include the filter value, use ``CONTAINS``. For example, for the ``ResourceTags`` field, the filter ``Department CONTAINS Security`` matches findings that include the value ``Security`` for the ``Department`` tag. In the same example, a finding with a value of ``Security team`` for the ``Department`` tag is a match.\n + To search for values that exactly match the filter value, use ``EQUALS``. For example, for the ``ResourceTags`` field, the filter ``Department EQUALS Security`` matches findings that have the value ``Security`` for the ``Department`` tag.\n \n ``CONTAINS`` and ``EQUALS`` filters on the same field are joined by ``OR``. A finding matches if it matches any one of those filters. For example, the filters ``Department CONTAINS Security OR Department CONTAINS Finance`` match a finding that includes either ``Security``, ``Finance``, or both values.\n To search for values that don't have the filter value, use one of the following comparison operators:\n + To search for values that exclude the filter value, use ``NOT_CONTAINS``. For example, for the ``ResourceTags`` field, the filter ``Department NOT_CONTAINS Finance`` matches findings that exclude the value ``Finance`` for the ``Department`` tag.\n + To search for values other than the filter value, use ``NOT_EQUALS``. For example, for the ``ResourceTags`` field, the filter ``Department NOT_EQUALS Finance`` matches findings that don\u2019t have the value ``Finance`` for the ``Department`` tag.\n \n ``NOT_CONTAINS`` and ``NOT_EQUALS`` filters on the same field are joined by ``AND``. A finding matches only if it matches all of those filters. For example, the filters ``Department NOT_CONTAINS Security AND Department NOT_CONTAINS Finance`` match a finding that excludes both the ``Security`` and ``Finance`` values.\n ``CONTAINS`` filters can only be used with other ``CONTAINS`` filters. ``NOT_CONTAINS`` filters can only be used with other ``NOT_CONTAINS`` filters.\n You can\u2019t have both a ``CONTAINS`` filter and a ``NOT_CONTAINS`` filter on the same field. Similarly, you can\u2019t have both an ``EQUALS`` filter and a ``NOT_EQUALS`` filter on the same field. Combining filters in this way returns an error. \n ``CONTAINS`` and ``NOT_CONTAINS`` operators can be used only with automation rules. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *User Guide*.",
"enum": [
"EQUALS",
"NOT_EQUALS",
@@ -467,11 +467,11 @@
"type": "string"
},
"Key": {
- "description": "",
+ "description": "The key of the map filter. For example, for ``ResourceTags``, ``Key`` identifies the name of the tag. For ``UserDefinedFields``, ``Key`` is the name of the field.",
"type": "string"
},
"Value": {
- "description": "",
+ "description": "The value for the key in the map filter. Filter values are case sensitive. For example, one of the values for a tag called ``Department`` might be ``Security``. If you provide ``security`` as the filter value, then there's no match.",
"type": "string"
}
},
@@ -488,17 +488,17 @@
},
"NoteUpdate": {
"additionalProperties": false,
- "description": "",
+ "description": "The updated note.",
"properties": {
"Text": {
- "description": "",
+ "description": "The updated note text.",
"maxLength": 512,
"minLength": 1,
"type": "string"
},
"UpdatedBy": {
"$ref": "#/definitions/arnOrId",
- "description": ""
+ "description": "The principal that updated the note."
}
},
"required": [
@@ -509,7 +509,7 @@
},
"NumberFilter": {
"additionalProperties": false,
- "description": "",
+ "description": "A number filter for querying findings.",
"oneOf": [
{
"required": [
@@ -533,15 +533,15 @@
],
"properties": {
"Eq": {
- "description": "",
+ "description": "The equal-to condition to be applied to a single field when querying for findings.",
"type": "number"
},
"Gte": {
- "description": "",
+ "description": "The greater-than-equal condition to be applied to a single field when querying for findings.",
"type": "number"
},
"Lte": {
- "description": "",
+ "description": "The less-than-equal condition to be applied to a single field when querying for findings.",
"type": "number"
}
},
@@ -553,7 +553,7 @@
"properties": {
"Id": {
"$ref": "#/definitions/arnOrId",
- "description": ""
+ "description": "The product-generated identifier for a related finding. \n Array Members: Minimum number of 1 item. Maximum number of 20 items."
},
"ProductArn": {
"$ref": "#/definitions/arn",
@@ -568,10 +568,10 @@
},
"SeverityUpdate": {
"additionalProperties": false,
- "description": "",
+ "description": "Updates to the severity information for a finding.",
"properties": {
"Label": {
- "description": "",
+ "description": "The severity value of the finding. The allowed values are the following.\n + ``INFORMATIONAL`` - No issue was found.\n + ``LOW`` - The issue does not require action on its own.\n + ``MEDIUM`` - The issue must be addressed but not urgently.\n + ``HIGH`` - The issue must be addressed as a priority.\n + ``CRITICAL`` - The issue must be remediated immediately to avoid it escalating.",
"enum": [
"INFORMATIONAL",
"LOW",
@@ -583,10 +583,10 @@
},
"Normalized": {
"$ref": "#/definitions/int100",
- "description": ""
+ "description": "The normalized severity for the finding. This attribute is to be deprecated in favor of ``Label``.\n If you provide ``Normalized`` and don't provide ``Label``, ``Label`` is set automatically as follows.\n + 0 - ``INFORMATIONAL`` \n + 1\u201339 - ``LOW`` \n + 40\u201369 - ``MEDIUM`` \n + 70\u201389 - ``HIGH`` \n + 90\u2013100 - ``CRITICAL``"
},
"Product": {
- "description": "",
+ "description": "The native severity as defined by the AWS service or integrated partner product that generated the finding.",
"type": "number"
}
},
@@ -594,14 +594,14 @@
},
"StringFilter": {
"additionalProperties": false,
- "description": "",
+ "description": "A string filter for filtering ASHlong findings.",
"properties": {
"Comparison": {
"$ref": "#/definitions/StringFilterComparison",
- "description": ""
+ "description": "The condition to apply to a string value when filtering Security Hub findings.\n To search for values that have the filter value, use one of the following comparison operators:\n + To search for values that include the filter value, use ``CONTAINS``. For example, the filter ``Title CONTAINS CloudFront`` matches findings that have a ``Title`` that includes the string CloudFront.\n + To search for values that exactly match the filter value, use ``EQUALS``. For example, the filter ``AwsAccountId EQUALS 123456789012`` only matches findings that have an account ID of ``123456789012``.\n + To search for values that start with the filter value, use ``PREFIX``. For example, the filter ``ResourceRegion PREFIX us`` matches findings that have a ``ResourceRegion`` that starts with ``us``. A ``ResourceRegion`` that starts with a different value, such as ``af``, ``ap``, or ``ca``, doesn't match.\n \n ``CONTAINS``, ``EQUALS``, and ``PREFIX`` filters on the same field are joined by ``OR``. A finding matches if it matches any one of those filters. For example, the filters ``Title CONTAINS CloudFront OR Title CONTAINS CloudWatch`` match a finding that includes either ``CloudFront``, ``CloudWatch``, or both strings in the title.\n To search for values that don\u2019t have the filter value, use one of the following comparison operators:\n + To search for values that exclude the filter value, use ``NOT_CONTAINS``. For example, the filter ``Title NOT_CONTAINS CloudFront`` matches findings that have a ``Title`` that excludes the string CloudFront.\n + To search for values other than the filter value, use ``NOT_EQUALS``. For example, the filter ``AwsAccountId NOT_EQUALS 123456789012`` only matches findings that have an account ID other than ``123456789012``.\n + To search for values that don't start with the filter value, use ``PREFIX_NOT_EQUALS``. For example, the filter ``ResourceRegion PREFIX_NOT_EQUALS us`` matches findings with a ``ResourceRegion`` that starts with a value other than ``us``.\n \n ``NOT_CONTAINS``, ``NOT_EQUALS``, and ``PREFIX_NOT_EQUALS`` filters on the same field are joined by ``AND``. A finding matches only if it matches all of those filters. For example, the filters ``Title NOT_CONTAINS CloudFront AND Title NOT_CONTAINS CloudWatch`` match a finding that excludes both ``CloudFront`` and ``CloudWatch`` in the title.\n You can\u2019t have both a ``CONTAINS`` filter and a ``NOT_CONTAINS`` filter on the same field. Similarly, you can't provide both an ``EQUALS`` filter and a ``NOT_EQUALS`` or ``PREFIX_NOT_EQUALS`` filter on the same field. Combining filters in this way returns an error. ``CONTAINS`` filters can only be used with other ``CONTAINS`` filters. ``NOT_CONTAINS`` filters can only be used with other ``NOT_CONTAINS`` filters. \n You can combine ``PREFIX`` filters with ``NOT_EQUALS`` or ``PREFIX_NOT_EQUALS`` filters for the same field. Security Hub first processes the ``PREFIX`` filters, and then the ``NOT_EQUALS`` or ``PREFIX_NOT_EQUALS`` filters.\n For example, for the following filters, Security Hub first identifies findings that have resource types that start with either ``AwsIam`` or ``AwsEc2``. It then excludes findings that have a resource type of ``AwsIamPolicy`` and findings that have a resource type of ``AwsEc2NetworkInterface``.\n + ``ResourceType PREFIX AwsIam`` \n + ``ResourceType PREFIX AwsEc2`` \n + ``ResourceType NOT_EQUALS AwsIamPolicy`` \n + ``ResourceType NOT_EQUALS AwsEc2NetworkInterface`` \n \n ``CONTAINS`` and ``NOT_CONTAINS`` operators can be used only with automation rules. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *User Guide*."
},
"Value": {
- "description": "",
+ "description": "The string filter value. Filter values are case sensitive. For example, the product name for control-based findings is ``Security Hub``. If you provide ``security hub`` as the filter value, there's no match.",
"type": "string"
}
},
@@ -638,10 +638,10 @@
},
"WorkflowUpdate": {
"additionalProperties": false,
- "description": "",
+ "description": "Used to update information about the investigation into the finding.",
"properties": {
"Status": {
- "description": "",
+ "description": "The status of the investigation into the finding. The workflow status is specific to an individual finding. It does not affect the generation of new findings. For example, setting the workflow status to ``SUPPRESSED`` or ``RESOLVED`` does not prevent a new finding for the same issue.\n The allowed values are the following.\n + ``NEW`` - The initial state of a finding, before it is reviewed.\n Security Hub also resets ``WorkFlowStatus`` from ``NOTIFIED`` or ``RESOLVED`` to ``NEW`` in the following cases:\n + The record state changes from ``ARCHIVED`` to ``ACTIVE``.\n + The compliance status changes from ``PASSED`` to either ``WARNING``, ``FAILED``, or ``NOT_AVAILABLE``.\n \n + ``NOTIFIED`` - Indicates that you notified the resource owner about the security issue. Used when the initial reviewer is not the resource owner, and needs intervention from the resource owner.\n + ``RESOLVED`` - The finding was reviewed and remediated and is now considered resolved.\n + ``SUPPRESSED`` - Indicates that you reviewed the finding and don't believe that any action is needed. The finding is no longer updated.",
"enum": [
"NEW",
"NOTIFIED",
@@ -745,7 +745,7 @@
],
"properties": {
"Actions": {
- "description": "",
+ "description": "One or more actions to update finding fields if a finding matches the conditions specified in ``Criteria``.",
"items": {
"$ref": "#/definitions/AutomationRulesAction"
},
@@ -768,13 +768,13 @@
"description": "A set of [Security Finding Format (ASFF)](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format.html) finding field attributes and corresponding expected values that ASH uses to filter findings. If a rule is enabled and a finding matches the criteria specified in this parameter, ASH applies the rule action to the finding."
},
"Description": {
- "description": "",
+ "description": "A description of the rule.",
"maxLength": 1024,
"minLength": 1,
"type": "string"
},
"IsTerminal": {
- "description": "",
+ "description": "Specifies whether a rule is the last to be applied with respect to a finding that matches the rule criteria. This is useful when a finding matches the criteria for multiple rules, and each rule has different actions. If a rule is terminal, Security Hub applies the rule action to a finding that matches the rule criteria and doesn't evaluate other rules for the finding. By default, a rule isn't terminal.",
"type": "boolean"
},
"RuleArn": {
@@ -783,13 +783,13 @@
"type": "string"
},
"RuleName": {
- "description": "",
+ "description": "The name of the rule.",
"maxLength": 256,
"minLength": 1,
"type": "string"
},
"RuleOrder": {
- "description": "",
+ "description": "An integer ranging from 1 to 1000 that represents the order in which the rule action is applied to findings. Security Hub applies rules with lower values for this parameter first.",
"maximum": 1000,
"minimum": 1,
"type": "integer"
@@ -804,7 +804,7 @@
},
"Tags": {
"$ref": "#/definitions/Tags",
- "description": ""
+ "description": "User-defined tags associated with an automation rule."
},
"UpdatedAt": {
"$ref": "#/definitions/ISO8601DateString",
@@ -817,9 +817,21 @@
"/properties/UpdatedAt",
"/properties/CreatedBy"
],
+ "required": [
+ "RuleOrder",
+ "RuleName",
+ "Description",
+ "Criteria",
+ "Actions"
+ ],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-securityhub",
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "securityhub:ListTagsForResource",
+ "securityhub:TagResource",
+ "securityhub:UntagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-securityhub-configurationpolicy.json b/schema/aws-securityhub-configurationpolicy.json
index 594598b..e03eeef 100644
--- a/schema/aws-securityhub-configurationpolicy.json
+++ b/schema/aws-securityhub-configurationpolicy.json
@@ -186,7 +186,7 @@
"additionalProperties": false,
"description": "A key-value pair to associate with a resource.",
"patternProperties": {
- "^[a-zA-Z0-9]{1,128}$": {
+ "^(?!aws:)[a-zA-Z+-=._:/]{1,128}$": {
"description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.",
"maxLength": 256,
"minLength": 0,
@@ -291,6 +291,11 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-securityhub",
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "securityhub:ListTagsForResource",
+ "securityhub:TagResource",
+ "securityhub:UntagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-securityhub-delegatedadmin.json b/schema/aws-securityhub-delegatedadmin.json
index 414efe3..9173406 100644
--- a/schema/aws-securityhub-delegatedadmin.json
+++ b/schema/aws-securityhub-delegatedadmin.json
@@ -3,7 +3,7 @@
"createOnlyProperties": [
"/properties/AdminAccountId"
],
- "description": "The AWS::SecurityHub::DelegatedAdmin resource represents the AWS Security Hub delegated admin account in your organization. One delegated admin resource is allowed to create for the organization in each region in which you configure the AdminAccountId.",
+ "description": "The ``AWS::SecurityHub::DelegatedAdmin`` resource designates the delegated ASHlong administrator account for an organization. You must enable the integration between ASH and AOlong before you can designate a delegated ASH administrator. Only the management account for an organization can designate the delegated ASH administrator account. For more information, see [Designating the delegated administrator](https://docs.aws.amazon.com/securityhub/latest/userguide/designate-orgs-admin-account.html#designate-admin-instructions) in the *User Guide*.\n To change the delegated administrator account, remove the current delegated administrator account, and then designate the new account.\n To designate multiple delegated administrators in different organizations and AWS-Regions, we recommend using [mappings](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/mappings-section-structure.html).\n Tags aren't supported for this resource.",
"handlers": {
"create": {
"permissions": [
@@ -37,17 +37,17 @@
],
"properties": {
"AdminAccountId": {
- "description": "The Amazon Web Services account identifier of the account to designate as the Security Hub administrator account",
+ "description": "The AWS-account identifier of the account to designate as the Security Hub administrator account.",
"pattern": "^[0-9]{12}$",
"type": "string"
},
"DelegatedAdminIdentifier": {
- "description": "The identifier of the DelegatedAdmin being created and assigned as the unique identifier",
+ "description": "",
"pattern": "^[0-9]{12}/[a-zA-Z0-9-]{1,32}$",
"type": "string"
},
"Status": {
- "description": "The current status of the Security Hub administrator account. Indicates whether the account is currently enabled as a Security Hub administrator",
+ "description": "",
"enum": [
"ENABLED",
"DISABLE_IN_PROGRESS"
diff --git a/schema/aws-securityhub-findingaggregator.json b/schema/aws-securityhub-findingaggregator.json
index 4bacfed..dc533d8 100644
--- a/schema/aws-securityhub-findingaggregator.json
+++ b/schema/aws-securityhub-findingaggregator.json
@@ -6,7 +6,7 @@
"type": "string"
}
},
- "description": "The AWS::SecurityHub::FindingAggregator resource represents the AWS Security Hub Finding Aggregator in your account. One finding aggregator resource is created for each account in non opt-in region in which you configure region linking mode.",
+ "description": "The ``AWS::SecurityHub::FindingAggregator`` resource enables cross-Region aggregation. When cross-Region aggregation is enabled, you can aggregate findings, finding updates, insights, control compliance statuses, and security scores from one or more linked Regions to a single aggregation Region. You can then view and manage all of this data from the aggregation Region. For more details about cross-Region aggregation, see [Cross-Region aggregation](https://docs.aws.amazon.com/securityhub/latest/userguide/finding-aggregation.html) in the *User Guide* \n This resource must be created in the Region that you want to designate as your aggregation Region.\n Cross-Region aggregation is also a prerequisite for using [central configuration](https://docs.aws.amazon.com/securityhub/latest/userguide/central-configuration-intro.html) in ASH.",
"handlers": {
"create": {
"permissions": [
@@ -40,15 +40,15 @@
"properties": {
"FindingAggregationRegion": {
"$ref": "#/definitions/Region",
- "description": "The aggregation Region of the FindingAggregator"
+ "description": ""
},
"FindingAggregatorArn": {
- "description": "The ARN of the FindingAggregator being created and assigned as the unique identifier",
+ "description": "",
"pattern": "arn:aws\\S*:securityhub:\\S*",
"type": "string"
},
"RegionLinkingMode": {
- "description": "Indicates whether to link all Regions, all Regions except for a list of excluded Regions, or a list of included Regions",
+ "description": "Indicates whether to aggregate findings from all of the available Regions in the current partition. Also determines whether to automatically aggregate findings from new Regions as Security Hub supports them and you opt into them.\n The selected option also determines how to use the Regions provided in the Regions list.\n In CFN, the options for this property are as follows:\n + ``ALL_REGIONS`` - Indicates to aggregate findings from all of the Regions where Security Hub is enabled. When you choose this option, Security Hub also automatically aggregates findings from new Regions as Security Hub supports them and you opt into them. \n + ``ALL_REGIONS_EXCEPT_SPECIFIED`` - Indicates to aggregate findings from all of the Regions where Security Hub is enabled, except for the Regions listed in the ``Regions`` parameter. When you choose this option, Security Hub also automatically aggregates findings from new Regions as Security Hub supports them and you opt into them. \n + ``SPECIFIED_REGIONS`` - Indicates to aggregate findings only from the Regions listed in the ``Regions`` parameter. Security Hub does not automatically aggregate findings from new Regions.",
"enum": [
"ALL_REGIONS",
"ALL_REGIONS_EXCEPT_SPECIFIED",
@@ -57,7 +57,7 @@
"type": "string"
},
"Regions": {
- "description": "The list of excluded Regions or included Regions",
+ "description": "If ``RegionLinkingMode`` is ``ALL_REGIONS_EXCEPT_SPECIFIED``, then this is a space-separated list of Regions that do not aggregate findings to the aggregation Region.\n If ``RegionLinkingMode`` is ``SPECIFIED_REGIONS``, then this is a space-separated list of Regions that do aggregate findings to the aggregation Region.",
"insertionOrder": false,
"items": {
"$ref": "#/definitions/Region"
diff --git a/schema/aws-securityhub-hub.json b/schema/aws-securityhub-hub.json
index 8e40d42..0dae5a4 100644
--- a/schema/aws-securityhub-hub.json
+++ b/schema/aws-securityhub-hub.json
@@ -5,7 +5,7 @@
"additionalProperties": false,
"description": "A key-value pair to associate with a resource.",
"patternProperties": {
- "^[a-zA-Z0-9-_]{1,128}$": {
+ "^(?!aws:)[a-zA-Z+-=._:/]+$": {
"description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -.",
"maxLength": 256,
"minLength": 0,
@@ -89,6 +89,11 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-securityhub",
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "securityhub:ListTagsForResource",
+ "securityhub:TagResource",
+ "securityhub:UntagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-securityhub-policyassociation.json b/schema/aws-securityhub-policyassociation.json
index 4437581..d7b7bff 100644
--- a/schema/aws-securityhub-policyassociation.json
+++ b/schema/aws-securityhub-policyassociation.json
@@ -10,7 +10,8 @@
"permissions": [
"securityhub:StartConfigurationPolicyAssociation",
"securityhub:GetConfigurationPolicyAssociation"
- ]
+ ],
+ "timeoutInMinutes": 1440
},
"delete": {
"permissions": [
@@ -33,7 +34,8 @@
"permissions": [
"securityhub:StartConfigurationPolicyAssociation",
"securityhub:GetConfigurationPolicyAssociation"
- ]
+ ],
+ "timeoutInMinutes": 1440
}
},
"primaryIdentifier": [
diff --git a/schema/aws-securityhub-securitycontrol.json b/schema/aws-securityhub-securitycontrol.json
index 0155c81..ee23ba5 100644
--- a/schema/aws-securityhub-securitycontrol.json
+++ b/schema/aws-securityhub-securitycontrol.json
@@ -17,6 +17,9 @@
]
}
],
+ "createOnlyProperties": [
+ "/properties/SecurityControlId"
+ ],
"definitions": {
"IntegerList": {
"items": {
diff --git a/schema/aws-securityhub-standard.json b/schema/aws-securityhub-standard.json
index b434fa0..279f1bb 100644
--- a/schema/aws-securityhub-standard.json
+++ b/schema/aws-securityhub-standard.json
@@ -67,7 +67,7 @@
],
"properties": {
"DisabledStandardsControls": {
- "description": "Specifies which controls are to be disabled in a standard. \n *Maximum*: ``100``",
+ "description": "Specifies which controls are to be disabled in a standard. \n *Maximum*: ``100``",
"insertionOrder": true,
"items": {
"$ref": "#/definitions/StandardsControl"
diff --git a/schema/aws-securitylake-datalake.json b/schema/aws-securitylake-datalake.json
index 3e6b02d..4de6cf7 100644
--- a/schema/aws-securitylake-datalake.json
+++ b/schema/aws-securitylake-datalake.json
@@ -50,7 +50,7 @@
"description": "Replication enables automatic, asynchronous copying of objects across Amazon S3 buckets. Amazon S3 buckets that are configured for object replication can be owned by the same AWS account or by different accounts. You can replicate objects to a single destination bucket or to multiple destination buckets. The destination buckets can be in different AWS Regions or within the same Region as the source bucket.",
"insertionOrder": false,
"items": {
- "pattern": "^(af|ap|ca|eu|me|sa|us)-(central|north|(north(?:east|west))|south|south(?:east|west)|east|west)-\\d+$",
+ "pattern": "^(us(-gov)?|af|ap|ca|eu|me|sa)-(central|north|(north(?:east|west))|south|south(?:east|west)|east|west)-\\d+$",
"type": "string"
},
"type": "array",
@@ -213,6 +213,11 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-securitylake.git",
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "securitylake:TagResource",
+ "securitylake:UntagResource",
+ "securitylake:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-securitylake-subscriber.json b/schema/aws-securitylake-subscriber.json
index 2ca401a..7109fcb 100644
--- a/schema/aws-securitylake-subscriber.json
+++ b/schema/aws-securitylake-subscriber.json
@@ -109,6 +109,7 @@
"securitylake:CreateDataLake",
"securitylake:TagResource",
"securitylake:GetSubscriber",
+ "securitylake:ListSubscribers",
"securitylake:ListTagsForResource",
"iam:GetRole",
"iam:GetRolePolicy",
@@ -298,6 +299,11 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-securitylake.git",
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "securitylake:TagResource",
+ "securitylake:UntagResource",
+ "securitylake:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-servicecatalog-cloudformationprovisionedproduct.json b/schema/aws-servicecatalog-cloudformationprovisionedproduct.json
index e07e933..3cb4110 100644
--- a/schema/aws-servicecatalog-cloudformationprovisionedproduct.json
+++ b/schema/aws-servicecatalog-cloudformationprovisionedproduct.json
@@ -103,23 +103,28 @@
"handlers": {
"create": {
"permissions": [
- "*"
+ "servicecatalog:provisionProduct",
+ "cloudformation:CreateStack"
],
"timeoutInMinutes": 720
},
"delete": {
"permissions": [
- "*"
+ "servicecatalog:terminateProvisionedProduct",
+ "servicecatalog:describeRecord",
+ "cloudformation:DeleteStack"
]
},
"read": {
"permissions": [
- "*"
+ "servicecatalog:describeProvisionedProduct",
+ "cloudformation:ListStacks"
]
},
"update": {
"permissions": [
- "*"
+ "servicecatalog:updateProvisionedProduct",
+ "cloudformation:UpdateStack"
],
"timeoutInMinutes": 720
}
diff --git a/schema/aws-servicediscovery-service.json b/schema/aws-servicediscovery-service.json
index 349af03..b05364c 100644
--- a/schema/aws-servicediscovery-service.json
+++ b/schema/aws-servicediscovery-service.json
@@ -118,6 +118,9 @@
"NamespaceId": {
"type": "string"
},
+ "ServiceAttributes": {
+ "type": "object"
+ },
"Tags": {
"items": {
"$ref": "#/definitions/Tag"
diff --git a/schema/aws-ses-configurationset.json b/schema/aws-ses-configurationset.json
index a525275..0d1b9ef 100644
--- a/schema/aws-ses-configurationset.json
+++ b/schema/aws-ses-configurationset.json
@@ -23,6 +23,12 @@
"additionalProperties": false,
"description": "An object that defines the dedicated IP pool that is used to send emails that you send using the configuration set.",
"properties": {
+ "MaxDeliverySeconds": {
+ "description": "Specifies the maximum time until which SES will retry sending emails",
+ "maximum": 50400,
+ "minimum": 300,
+ "type": "number"
+ },
"SendingPoolName": {
"description": "The name of the dedicated IP pool to associate with the configuration set.",
"type": "string"
@@ -98,11 +104,13 @@
"CustomRedirectDomain": {
"description": "The domain to use for tracking open and click events.",
"type": "string"
+ },
+ "HttpsPolicy": {
+ "description": "The https policy to use for tracking open and click events.",
+ "pattern": "REQUIRE|REQUIRE_OPEN_ONLY|OPTIONAL",
+ "type": "string"
}
},
- "required": [
- "CustomRedirectDomain"
- ],
"type": "object"
},
"VdmOptions": {
diff --git a/schema/aws-ses-mailmanageringresspoint.json b/schema/aws-ses-mailmanageringresspoint.json
index 1fbbebc..de43aa6 100644
--- a/schema/aws-ses-mailmanageringresspoint.json
+++ b/schema/aws-ses-mailmanageringresspoint.json
@@ -1,6 +1,7 @@
{
"additionalProperties": false,
"createOnlyProperties": [
+ "/properties/NetworkConfiguration",
"/properties/Type"
],
"definitions": {
@@ -63,6 +64,75 @@
],
"type": "string"
},
+ "IpType": {
+ "enum": [
+ "IPV4",
+ "DUAL_STACK"
+ ],
+ "type": "string"
+ },
+ "NetworkConfiguration": {
+ "oneOf": [
+ {
+ "additionalProperties": false,
+ "properties": {
+ "PublicNetworkConfiguration": {
+ "$ref": "#/definitions/PublicNetworkConfiguration"
+ }
+ },
+ "required": [
+ "PublicNetworkConfiguration"
+ ],
+ "title": "PublicNetworkConfiguration",
+ "type": "object"
+ },
+ {
+ "additionalProperties": false,
+ "properties": {
+ "PrivateNetworkConfiguration": {
+ "$ref": "#/definitions/PrivateNetworkConfiguration"
+ }
+ },
+ "required": [
+ "PrivateNetworkConfiguration"
+ ],
+ "title": "PrivateNetworkConfiguration",
+ "type": "object"
+ }
+ ]
+ },
+ "PrivateNetworkConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "VpcEndpointId": {
+ "pattern": "^vpce-[a-zA-Z0-9]{17}$",
+ "type": "string"
+ }
+ },
+ "required": [
+ "VpcEndpointId"
+ ],
+ "type": "object"
+ },
+ "PublicNetworkConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "IpType": {
+ "allOf": [
+ {
+ "$ref": "#/definitions/IpType"
+ },
+ {
+ "default": "IPV4"
+ }
+ ]
+ }
+ },
+ "required": [
+ "IpType"
+ ],
+ "type": "object"
+ },
"Tag": {
"additionalProperties": false,
"properties": {
@@ -94,7 +164,8 @@
"ses:ListTagsForResource",
"ses:GetIngressPoint",
"ses:CreateIngressPoint",
- "iam:CreateServiceLinkedRole"
+ "iam:CreateServiceLinkedRole",
+ "ec2:DescribeVpcEndpoints"
]
},
"delete": {
@@ -148,6 +219,9 @@
"pattern": "^[A-Za-z0-9_\\-]+$",
"type": "string"
},
+ "NetworkConfiguration": {
+ "$ref": "#/definitions/NetworkConfiguration"
+ },
"RuleSetId": {
"maxLength": 100,
"minLength": 1,
diff --git a/schema/aws-ses-mailmanagerruleset.json b/schema/aws-ses-mailmanagerruleset.json
index e2324cb..0a58912 100644
--- a/schema/aws-ses-mailmanagerruleset.json
+++ b/schema/aws-ses-mailmanagerruleset.json
@@ -39,7 +39,7 @@
"ResultField": {
"maxLength": 256,
"minLength": 1,
- "pattern": "^[\\sa-zA-Z0-9_]+$",
+ "pattern": "^(addon\\.)?[\\sa-zA-Z0-9_]+$",
"type": "string"
}
},
@@ -92,6 +92,38 @@
],
"type": "object"
},
+ "DeliverToQBusinessAction": {
+ "additionalProperties": false,
+ "properties": {
+ "ActionFailurePolicy": {
+ "$ref": "#/definitions/ActionFailurePolicy"
+ },
+ "ApplicationId": {
+ "maxLength": 36,
+ "minLength": 36,
+ "pattern": "^[a-z0-9-]+$",
+ "type": "string"
+ },
+ "IndexId": {
+ "maxLength": 36,
+ "minLength": 36,
+ "pattern": "^[a-z0-9-]+$",
+ "type": "string"
+ },
+ "RoleArn": {
+ "maxLength": 2048,
+ "minLength": 20,
+ "pattern": "^[a-zA-Z0-9:_/+=,@.#-]+$",
+ "type": "string"
+ }
+ },
+ "required": [
+ "ApplicationId",
+ "IndexId",
+ "RoleArn"
+ ],
+ "type": "object"
+ },
"DropAction": {
"additionalProperties": false,
"type": "object"
@@ -286,6 +318,19 @@
],
"title": "DeliverToMailbox",
"type": "object"
+ },
+ {
+ "additionalProperties": false,
+ "properties": {
+ "DeliverToQBusiness": {
+ "$ref": "#/definitions/DeliverToQBusinessAction"
+ }
+ },
+ "required": [
+ "DeliverToQBusiness"
+ ],
+ "title": "DeliverToQBusiness",
+ "type": "object"
}
]
},
@@ -334,6 +379,19 @@
],
"title": "Attribute",
"type": "object"
+ },
+ {
+ "additionalProperties": false,
+ "properties": {
+ "Analysis": {
+ "$ref": "#/definitions/Analysis"
+ }
+ },
+ "required": [
+ "Analysis"
+ ],
+ "title": "Analysis",
+ "type": "object"
}
]
},
@@ -472,9 +530,9 @@
},
"Values": {
"items": {
- "maxLength": 18,
+ "maxLength": 43,
"minLength": 1,
- "pattern": "^(([0-9]|.|/)*)$",
+ "pattern": "^(([0-9]|.|:|/)*)$",
"type": "string"
},
"maxItems": 10,
@@ -631,6 +689,33 @@
],
"title": "Attribute",
"type": "object"
+ },
+ {
+ "additionalProperties": false,
+ "properties": {
+ "MimeHeaderAttribute": {
+ "pattern": "^X-[a-zA-Z0-9-]{1,256}$",
+ "type": "string"
+ }
+ },
+ "required": [
+ "MimeHeaderAttribute"
+ ],
+ "title": "MimeHeaderAttribute",
+ "type": "object"
+ },
+ {
+ "additionalProperties": false,
+ "properties": {
+ "Analysis": {
+ "$ref": "#/definitions/Analysis"
+ }
+ },
+ "required": [
+ "Analysis"
+ ],
+ "title": "Analysis",
+ "type": "object"
}
]
},
diff --git a/schema/aws-ses-mailmanagertrafficpolicy.json b/schema/aws-ses-mailmanagertrafficpolicy.json
index 5179c69..91240e8 100644
--- a/schema/aws-ses-mailmanagertrafficpolicy.json
+++ b/schema/aws-ses-mailmanagertrafficpolicy.json
@@ -18,7 +18,7 @@
"ResultField": {
"maxLength": 256,
"minLength": 1,
- "pattern": "^[\\sa-zA-Z0-9_]+$",
+ "pattern": "^(addon\\.)?[\\sa-zA-Z0-9_]+$",
"type": "string"
}
},
@@ -122,6 +122,54 @@
],
"type": "object"
},
+ "IngressIpv6Attribute": {
+ "enum": [
+ "SENDER_IPV6"
+ ],
+ "type": "string"
+ },
+ "IngressIpv6Expression": {
+ "additionalProperties": false,
+ "properties": {
+ "Evaluate": {
+ "$ref": "#/definitions/IngressIpv6ToEvaluate"
+ },
+ "Operator": {
+ "$ref": "#/definitions/IngressIpOperator"
+ },
+ "Values": {
+ "items": {
+ "maxLength": 49,
+ "pattern": "^(([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:))\\/(12[0-8]|1[0-1][0-9]|[1-9][0-9]|[0-9])$",
+ "type": "string"
+ },
+ "type": "array"
+ }
+ },
+ "required": [
+ "Evaluate",
+ "Operator",
+ "Values"
+ ],
+ "type": "object"
+ },
+ "IngressIpv6ToEvaluate": {
+ "oneOf": [
+ {
+ "additionalProperties": false,
+ "properties": {
+ "Attribute": {
+ "$ref": "#/definitions/IngressIpv6Attribute"
+ }
+ },
+ "required": [
+ "Attribute"
+ ],
+ "title": "Attribute",
+ "type": "object"
+ }
+ ]
+ },
"IngressStringEmailAttribute": {
"enum": [
"RECIPIENT"
@@ -175,6 +223,19 @@
],
"title": "Attribute",
"type": "object"
+ },
+ {
+ "additionalProperties": false,
+ "properties": {
+ "Analysis": {
+ "$ref": "#/definitions/IngressAnalysis"
+ }
+ },
+ "required": [
+ "Analysis"
+ ],
+ "title": "Analysis",
+ "type": "object"
}
]
},
@@ -263,6 +324,19 @@
"title": "IpExpression",
"type": "object"
},
+ {
+ "additionalProperties": false,
+ "properties": {
+ "Ipv6Expression": {
+ "$ref": "#/definitions/IngressIpv6Expression"
+ }
+ },
+ "required": [
+ "Ipv6Expression"
+ ],
+ "title": "Ipv6Expression",
+ "type": "object"
+ },
{
"additionalProperties": false,
"properties": {
diff --git a/schema/aws-ses-receiptrule.json b/schema/aws-ses-receiptrule.json
index e3b07eb..1d22ee2 100644
--- a/schema/aws-ses-receiptrule.json
+++ b/schema/aws-ses-receiptrule.json
@@ -13,6 +13,9 @@
"BounceAction": {
"$ref": "#/definitions/BounceAction"
},
+ "ConnectAction": {
+ "$ref": "#/definitions/ConnectAction"
+ },
"LambdaAction": {
"$ref": "#/definitions/LambdaAction"
},
@@ -42,8 +45,8 @@
}
},
"required": [
- "HeaderName",
- "HeaderValue"
+ "HeaderValue",
+ "HeaderName"
],
"type": "object"
},
@@ -73,6 +76,22 @@
],
"type": "object"
},
+ "ConnectAction": {
+ "additionalProperties": false,
+ "properties": {
+ "IAMRoleARN": {
+ "type": "string"
+ },
+ "InstanceARN": {
+ "type": "string"
+ }
+ },
+ "required": [
+ "InstanceARN",
+ "IAMRoleARN"
+ ],
+ "type": "object"
+ },
"LambdaAction": {
"additionalProperties": false,
"properties": {
@@ -129,6 +148,9 @@
"BucketName": {
"type": "string"
},
+ "IamRoleArn": {
+ "type": "string"
+ },
"KmsKeyArn": {
"type": "string"
},
@@ -209,8 +231,8 @@
"/properties/Id"
],
"required": [
- "RuleSetName",
- "Rule"
+ "Rule",
+ "RuleSetName"
],
"typeName": "AWS::SES::ReceiptRule"
}
diff --git a/schema/aws-shield-protection.json b/schema/aws-shield-protection.json
index f82bce5..a5dd648 100644
--- a/schema/aws-shield-protection.json
+++ b/schema/aws-shield-protection.json
@@ -193,7 +193,14 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-shield.git",
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "shield:ListTagsForResource",
+ "shield:UntagResource",
+ "shield:TagResource"
+ ],
+ "tagOnCreate": true,
"tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
"taggable": true
},
"typeName": "AWS::Shield::Protection"
diff --git a/schema/aws-shield-protectiongroup.json b/schema/aws-shield-protectiongroup.json
index 507b7a7..48637eb 100644
--- a/schema/aws-shield-protectiongroup.json
+++ b/schema/aws-shield-protectiongroup.json
@@ -145,7 +145,9 @@
"shield:UntagResource",
"shield:TagResource"
],
+ "tagOnCreate": true,
"tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
"taggable": true
},
"typeName": "AWS::Shield::ProtectionGroup"
diff --git a/schema/aws-signer-profilepermission.json b/schema/aws-signer-profilepermission.json
index c100d03..bc0cd44 100644
--- a/schema/aws-signer-profilepermission.json
+++ b/schema/aws-signer-profilepermission.json
@@ -73,5 +73,11 @@
"StatementId"
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git",
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "tagOnCreate": false,
+ "tagUpdatable": false,
+ "taggable": false
+ },
"typeName": "AWS::Signer::ProfilePermission"
}
diff --git a/schema/aws-signer-signingprofile.json b/schema/aws-signer-signingprofile.json
index 9a374d9..cf7b31f 100644
--- a/schema/aws-signer-signingprofile.json
+++ b/schema/aws-signer-signingprofile.json
@@ -28,7 +28,7 @@
"ProfileName": {
"maxLength": 64,
"minLength": 2,
- "pattern": "^[0-9a-zA-Z_]$",
+ "pattern": "^[0-9a-zA-Z_]{2,64}$",
"type": "string"
},
"ProfileVersion": {
@@ -148,5 +148,17 @@
"PlatformId"
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git",
+ "tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "signer:TagResource",
+ "signer:UntagResource",
+ "signer:ListTagsForResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
"typeName": "AWS::Signer::SigningProfile"
}
diff --git a/schema/aws-sns-subscription.json b/schema/aws-sns-subscription.json
index d63309b..599ec04 100644
--- a/schema/aws-sns-subscription.json
+++ b/schema/aws-sns-subscription.json
@@ -1,58 +1,127 @@
{
"additionalProperties": false,
+ "conditionalCreateOnlyProperties": [
+ "/properties/Region"
+ ],
"createOnlyProperties": [
"/properties/Endpoint",
"/properties/Protocol",
"/properties/TopicArn"
],
"description": "Resource Type definition for AWS::SNS::Subscription",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "iam:GetRole",
+ "iam:PassRole",
+ "sns:Subscribe"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "sns:Unsubscribe",
+ "sns:GetSubscriptionAttributes"
+ ]
+ },
+ "list": {
+ "permissions": [
+ "sns:ListSubscriptions"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "sns:GetSubscriptionAttributes"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "iam:GetRole",
+ "iam:PassRole",
+ "sns:SetSubscriptionAttributes"
+ ]
+ }
+ },
"primaryIdentifier": [
- "/properties/Id"
+ "/properties/Arn"
],
"properties": {
+ "Arn": {
+ "description": "Arn of the subscription",
+ "type": "string"
+ },
"DeliveryPolicy": {
- "type": "object"
+ "description": "The delivery policy JSON assigned to the subscription. Enables the subscriber to define the message delivery retry strategy in the case of an HTTP/S endpoint subscribed to the topic.",
+ "type": [
+ "object",
+ "string"
+ ]
},
"Endpoint": {
+ "description": "The subscription's endpoint. The endpoint value depends on the protocol that you specify. ",
"type": "string"
},
"FilterPolicy": {
- "type": "object"
+ "description": "The filter policy JSON assigned to the subscription. Enables the subscriber to filter out unwanted messages.",
+ "type": [
+ "object",
+ "string"
+ ]
},
"FilterPolicyScope": {
- "type": "string"
- },
- "Id": {
+ "description": "This attribute lets you choose the filtering scope by using one of the following string value types: MessageAttributes (default) and MessageBody.",
"type": "string"
},
"Protocol": {
+ "description": "The subscription's protocol.",
"type": "string"
},
"RawMessageDelivery": {
+ "description": "When set to true, enables raw message delivery. Raw messages don't contain any JSON formatting and can be sent to Amazon SQS and HTTP/S endpoints.",
"type": "boolean"
},
"RedrivePolicy": {
- "type": "object"
+ "description": "When specified, sends undeliverable messages to the specified Amazon SQS dead-letter queue. Messages that can't be delivered due to client errors are held in the dead-letter queue for further analysis or reprocessing.",
+ "type": [
+ "object",
+ "string"
+ ]
},
"Region": {
+ "description": "For cross-region subscriptions, the region in which the topic resides.If no region is specified, AWS CloudFormation uses the region of the caller as the default.",
"type": "string"
},
"ReplayPolicy": {
- "type": "object"
+ "description": "Specifies whether Amazon SNS resends the notification to the subscription when a message's attribute changes.",
+ "type": [
+ "object",
+ "string"
+ ]
},
"SubscriptionRoleArn": {
+ "description": "This property applies only to Amazon Data Firehose delivery stream subscriptions.",
"type": "string"
},
"TopicArn": {
+ "description": "The ARN of the topic to subscribe to.",
"type": "string"
}
},
"readOnlyProperties": [
- "/properties/Id"
+ "/properties/Arn"
],
"required": [
"TopicArn",
"Protocol"
],
- "typeName": "AWS::SNS::Subscription"
+ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-sns",
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "tagOnCreate": false,
+ "tagUpdatable": false,
+ "taggable": false
+ },
+ "typeName": "AWS::SNS::Subscription",
+ "writeOnlyProperties": [
+ "/properties/Region"
+ ]
}
diff --git a/schema/aws-sns-topic.json b/schema/aws-sns-topic.json
index cf014c6..a41b508 100644
--- a/schema/aws-sns-topic.json
+++ b/schema/aws-sns-topic.json
@@ -7,14 +7,14 @@
"definitions": {
"LoggingConfig": {
"additionalProperties": false,
- "description": "",
+ "description": "The ``LoggingConfig`` property type specifies the ``Delivery`` status logging configuration for an [AWS::SNS::Topic](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sns-topic.html).",
"properties": {
"FailureFeedbackRoleArn": {
- "description": "",
+ "description": "The IAM role ARN to be used when logging failed message deliveries in Amazon CloudWatch.",
"type": "string"
},
"Protocol": {
- "description": "",
+ "description": "Indicates one of the supported protocols for the Amazon SNS topic.\n At least one of the other three ``LoggingConfig`` properties is recommend along with ``Protocol``.",
"enum": [
"http/s",
"sqs",
@@ -25,11 +25,11 @@
"type": "string"
},
"SuccessFeedbackRoleArn": {
- "description": "",
+ "description": "The IAM role ARN to be used when logging successful message deliveries in Amazon CloudWatch.",
"type": "string"
},
"SuccessFeedbackSampleRate": {
- "description": "",
+ "description": "The percentage of successful message deliveries to be logged in Amazon CloudWatch. Valid percentage values range from 0 to 100.",
"type": "string"
}
},
@@ -43,20 +43,6 @@
"description": "``Subscription`` is an embedded property that describes the subscription endpoints of an SNS topic.\n For full control over subscription behavior (for example, delivery policy, filtering, raw message delivery, and cross-region subscriptions), use the [AWS::SNS::Subscription](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sns-subscription.html) resource.",
"properties": {
"Endpoint": {
- "anyOf": [
- {
- "relationshipRef": {
- "propertyPath": "/properties/Arn",
- "typeName": "AWS::Lambda::Function"
- }
- },
- {
- "relationshipRef": {
- "propertyPath": "/properties/Arn",
- "typeName": "AWS::SQS::Queue"
- }
- }
- ],
"description": "The endpoint that receives notifications from the SNS topic. The endpoint value depends on the protocol that you specify. For more information, see the ``Endpoint`` parameter of the ``Subscribe`` action in the *API Reference*.",
"type": "string"
},
@@ -157,7 +143,7 @@
"type": "object"
},
"DeliveryStatusLogging": {
- "description": "",
+ "description": "The ``DeliveryStatusLogging`` configuration enables you to log the delivery status of messages sent from your Amazon SNS topic to subscribed endpoints with the following supported delivery protocols:\n + HTTP \n + Amazon Kinesis Data Firehose\n + AWS Lambda\n + Platform application endpoint\n + Amazon Simple Queue Service\n \n Once configured, log entries are sent to Amazon CloudWatch Logs.",
"insertionOrder": false,
"items": {
"$ref": "#/definitions/LoggingConfig"
@@ -169,31 +155,15 @@
"description": "The display name to use for an SNS topic with SMS subscriptions. The display name must be maximum 100 characters long, including hyphens (-), underscores (_), spaces, and tabs.",
"type": "string"
},
+ "FifoThroughputScope": {
+ "description": "",
+ "type": "string"
+ },
"FifoTopic": {
"description": "Set to true to create a FIFO topic.",
"type": "boolean"
},
"KmsMasterKeyId": {
- "anyOf": [
- {
- "relationshipRef": {
- "propertyPath": "/properties/Arn",
- "typeName": "AWS::KMS::Key"
- }
- },
- {
- "relationshipRef": {
- "propertyPath": "/properties/KeyId",
- "typeName": "AWS::KMS::Key"
- }
- },
- {
- "relationshipRef": {
- "propertyPath": "/properties/AliasName",
- "typeName": "AWS::KMS::Alias"
- }
- }
- ],
"description": "The ID of an AWS managed customer master key (CMK) for SNS or a custom CMK. For more information, see [Key terms](https://docs.aws.amazon.com/sns/latest/dg/sns-server-side-encryption.html#sse-key-terms). For more examples, see ``KeyId`` in the *API Reference*.\n This property applies only to [server-side-encryption](https://docs.aws.amazon.com/sns/latest/dg/sns-server-side-encryption.html).",
"type": "string"
},
@@ -238,6 +208,11 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-sns",
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "sns:TagResource",
+ "sns:UntagResource",
+ "sns:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-sqs-queue.json b/schema/aws-sqs-queue.json
index b50ea35..197ea82 100644
--- a/schema/aws-sqs-queue.json
+++ b/schema/aws-sqs-queue.json
@@ -25,7 +25,7 @@
"type": "object"
}
},
- "description": "The ``AWS::SQS::Queue`` resource creates an SQS standard or FIFO queue.\n Keep the following caveats in mind:\n + If you don't specify the ``FifoQueue`` property, SQS creates a standard queue.\n You can't change the queue type after you create it and you can't convert an existing standard queue into a FIFO queue. You must either create a new FIFO queue for your application or delete your existing standard queue and recreate it as a FIFO queue. For more information, see [Moving from a standard queue to a FIFO queue](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/FIFO-queues-moving.html) in the *Developer Guide*. \n + If you don't provide a value for a property, the queue is created with the default value for the property.\n + If you delete a queue, you must wait at least 60 seconds before creating a queue with the same name.\n + To successfully create a new queue, you must provide a queue name that adheres to the [limits related to queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/limits-queues.html) and is unique within the scope of your queues.\n \n For more information about creating FIFO (first-in-first-out) queues, see [Creating an queue ()](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/screate-queue-cloudformation.html) in the *Developer Guide*.",
+ "description": "The ``AWS::SQS::Queue`` resource creates an SQS standard or FIFO queue.\n Keep the following caveats in mind:\n + If you don't specify the ``FifoQueue`` property, SQS creates a standard queue.\n You can't change the queue type after you create it and you can't convert an existing standard queue into a FIFO queue. You must either create a new FIFO queue for your application or delete your existing standard queue and recreate it as a FIFO queue. For more information, see [Moving from a standard queue to a FIFO queue](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/FIFO-queues-moving.html) in the *Developer Guide*. \n + If you don't provide a value for a property, the queue is created with the default value for the property.\n + If you delete a queue, you must wait at least 60 seconds before creating a queue with the same name.\n + To successfully create a new queue, you must provide a queue name that adheres to the [limits related to queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/limits-queues.html) and is unique within the scope of your queues.\n \n For more information about creating FIFO (first-in-first-out) queues, see [Creating an queue ()](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/create-queue-cloudformation.html) in the *Developer Guide*.",
"handlers": {
"create": {
"permissions": [
@@ -84,7 +84,7 @@
"type": "integer"
},
"FifoQueue": {
- "description": "If set to true, creates a FIFO queue. If you don't specify this property, SQS creates a standard queue. For more information, see [FIFO queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/FIFO-queues.html) in the *Developer Guide*.",
+ "description": "If set to true, creates a FIFO queue. If you don't specify this property, SQS creates a standard queue. For more information, see [Amazon SQS FIFO queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-fifo-queues.html) in the *Developer Guide*.",
"type": "boolean"
},
"FifoThroughputLimit": {
@@ -96,7 +96,7 @@
"type": "integer"
},
"KmsMasterKeyId": {
- "description": "The ID of an AWS Key Management Service (KMS) for SQS, or a custom KMS. To use the AWS managed KMS for SQS, specify a (default) alias ARN, alias name (e.g. ``alias/aws/sqs``), key ARN, or key ID. For more information, see the following:\n + [Encryption at rest](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-server-side-encryption.html) in the *Developer Guide* \n + [CreateQueue](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_CreateQueue.html) in the *API Reference* \n + [Request Parameters](https://docs.aws.amazon.com/kms/latest/APIReference/API_DescribeKey.html#API_DescribeKey_RequestParameters) in the *Key Management Service API Reference* \n + The Key Management Service (KMS) section of the [Best Practices](https://docs.aws.amazon.com/https://d0.awsstatic.com/whitepapers/aws-kms-best-practices.pdf) whitepaper",
+ "description": "The ID of an AWS Key Management Service (KMS) for SQS, or a custom KMS. To use the AWS managed KMS for SQS, specify a (default) alias ARN, alias name (for example ``alias/aws/sqs``), key ARN, or key ID. For more information, see the following:\n + [Encryption at rest](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-server-side-encryption.html) in the *Developer Guide* \n + [CreateQueue](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_CreateQueue.html) in the *API Reference* \n + [Request Parameters](https://docs.aws.amazon.com/kms/latest/APIReference/API_DescribeKey.html#API_DescribeKey_RequestParameters) in the *Key Management Service API Reference* \n + The Key Management Service (KMS) section of the [Security best practices for Key Management Service](https://docs.aws.amazon.com/kms/latest/developerguide/best-practices.html) in the *Key Management Service Developer Guide*",
"type": "string"
},
"MaximumMessageSize": {
@@ -108,7 +108,7 @@
"type": "integer"
},
"QueueName": {
- "description": "A name for the queue. To create a FIFO queue, the name of your FIFO queue must end with the ``.fifo`` suffix. For more information, see [FIFO queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/FIFO-queues.html) in the *Developer Guide*.\n If you don't specify a name, CFN generates a unique physical ID and uses that ID for the queue name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) in the *User Guide*. \n If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.",
+ "description": "A name for the queue. To create a FIFO queue, the name of your FIFO queue must end with the ``.fifo`` suffix. For more information, see [Amazon SQS FIFO queues](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-fifo-queues.html) in the *Developer Guide*.\n If you don't specify a name, CFN generates a unique physical ID and uses that ID for the queue name. For more information, see [Name type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-name.html) in the *User Guide*. \n If you specify a name, you can't perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.",
"type": "string"
},
"QueueUrl": {
@@ -120,14 +120,14 @@
"type": "integer"
},
"RedriveAllowPolicy": {
- "description": "The string that includes the parameters for the permissions for the dead-letter queue redrive permission and which source queues can specify dead-letter queues as a JSON object. The parameters are as follows:\n + ``redrivePermission``: The permission type that defines which source queues can specify the current queue as the dead-letter queue. Valid values are:\n + ``allowAll``: (Default) Any source queues in this AWS account in the same Region can specify this queue as the dead-letter queue.\n + ``denyAll``: No source queues can specify this queue as the dead-letter queue.\n + ``byQueue``: Only queues specified by the ``sourceQueueArns`` parameter can specify this queue as the dead-letter queue.\n \n + ``sourceQueueArns``: The Amazon Resource Names (ARN)s of the source queues that can specify this queue as the dead-letter queue and redrive messages. You can specify this parameter only when the ``redrivePermission`` parameter is set to ``byQueue``. You can specify up to 10 source queue ARNs. To allow more than 10 source queues to specify dead-letter queues, set the ``redrivePermission`` parameter to ``allowAll``.",
+ "description": "The string that includes the parameters for the permissions for the dead-letter queue redrive permission and which source queues can specify dead-letter queues as a JSON object. The parameters are as follows:\n + ``redrivePermission``: The permission type that defines which source queues can specify the current queue as the dead-letter queue. Valid values are:\n + ``allowAll``: (Default) Any source queues in this AWS account in the same Region can specify this queue as the dead-letter queue.\n + ``denyAll``: No source queues can specify this queue as the dead-letter queue.\n + ``byQueue``: Only queues specified by the ``sourceQueueArns`` parameter can specify this queue as the dead-letter queue.\n \n + ``sourceQueueArns``: The Amazon Resource Names (ARN)s of the source queues that can specify this queue as the dead-letter queue and redrive messages. You can specify this parameter only when the ``redrivePermission`` parameter is set to ``byQueue``. You can specify up to 10 source queue ARNs. To allow more than 10 source queues to specify dead-letter queues, set the ``redrivePermission`` parameter to ``allowAll``.",
"type": [
"object",
"string"
]
},
"RedrivePolicy": {
- "description": "The string that includes the parameters for the dead-letter queue functionality of the source queue as a JSON object. The parameters are as follows:\n + ``deadLetterTargetArn``: The Amazon Resource Name (ARN) of the dead-letter queue to which SQS moves messages after the value of ``maxReceiveCount`` is exceeded.\n + ``maxReceiveCount``: The number of times a message is delivered to the source queue before being moved to the dead-letter queue. When the ``ReceiveCount`` for a message exceeds the ``maxReceiveCount`` for a queue, SQS moves the message to the dead-letter-queue.\n \n The dead-letter queue of a FIFO queue must also be a FIFO queue. Similarly, the dead-letter queue of a standard queue must also be a standard queue.\n *JSON* \n ``{ \"deadLetterTargetArn\" : String, \"maxReceiveCount\" : Integer }`` \n *YAML* \n ``deadLetterTargetArn : String`` \n ``maxReceiveCount : Integer``",
+ "description": "The string that includes the parameters for the dead-letter queue functionality of the source queue as a JSON object. The parameters are as follows:\n + ``deadLetterTargetArn``: The Amazon Resource Name (ARN) of the dead-letter queue to which SQS moves messages after the value of ``maxReceiveCount`` is exceeded.\n + ``maxReceiveCount``: The number of times a message is received by a consumer of the source queue before being moved to the dead-letter queue. When the ``ReceiveCount`` for a message exceeds the ``maxReceiveCount`` for a queue, SQS moves the message to the dead-letter-queue.\n \n The dead-letter queue of a FIFO queue must also be a FIFO queue. Similarly, the dead-letter queue of a standard queue must also be a standard queue.\n *JSON* \n ``{ \"deadLetterTargetArn\" : String, \"maxReceiveCount\" : Integer }`` \n *YAML* \n ``deadLetterTargetArn : String`` \n ``maxReceiveCount : Integer``",
"type": [
"object",
"string"
diff --git a/schema/aws-sqs-queuepolicy.json b/schema/aws-sqs-queuepolicy.json
index 0ac772b..22d0240 100644
--- a/schema/aws-sqs-queuepolicy.json
+++ b/schema/aws-sqs-queuepolicy.json
@@ -37,20 +37,6 @@
"description": "The URLs of the queues to which you want to add the policy. You can use the ``Ref`` function to specify an ``AWS::SQS::Queue`` resource.",
"insertionOrder": false,
"items": {
- "anyOf": [
- {
- "relationshipRef": {
- "propertyPath": "/properties/QueueUrl",
- "typeName": "AWS::SQS::Queue"
- }
- },
- {
- "relationshipRef": {
- "propertyPath": "/properties/QueueName",
- "typeName": "AWS::SQS::Queue"
- }
- }
- ],
"type": "string"
},
"type": "array",
diff --git a/schema/aws-ssm-document.json b/schema/aws-ssm-document.json
index 729b25c..da06447 100644
--- a/schema/aws-ssm-document.json
+++ b/schema/aws-ssm-document.json
@@ -111,6 +111,7 @@
},
"read": {
"permissions": [
+ "ssm:DescribeDocument",
"ssm:GetDocument",
"ssm:ListTagsForResource"
]
@@ -226,6 +227,15 @@
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-ssm",
"tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "ssm:AddTagsToResource",
+ "ssm:ListTagsForResource",
+ "ssm:RemoveTagsFromResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
"taggable": true
},
"typeName": "AWS::SSM::Document",
diff --git a/schema/aws-ssm-patchbaseline.json b/schema/aws-ssm-patchbaseline.json
index 2c37050..cbe2324 100644
--- a/schema/aws-ssm-patchbaseline.json
+++ b/schema/aws-ssm-patchbaseline.json
@@ -361,6 +361,11 @@
],
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "ssm:AddTagsToResource",
+ "ssm:ListTagsForResource",
+ "ssm:RemoveTagsFromResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-ssm-resourcedatasync.json b/schema/aws-ssm-resourcedatasync.json
index ef71453..da59387 100644
--- a/schema/aws-ssm-resourcedatasync.json
+++ b/schema/aws-ssm-resourcedatasync.json
@@ -174,9 +174,6 @@
"type": "string"
}
},
- "readOnlyProperties": [
- "/properties/SyncName"
- ],
"required": [
"SyncName"
],
diff --git a/schema/aws-ssm-resourcepolicy.json b/schema/aws-ssm-resourcepolicy.json
index 717f423..e985a98 100644
--- a/schema/aws-ssm-resourcepolicy.json
+++ b/schema/aws-ssm-resourcepolicy.json
@@ -12,6 +12,7 @@
},
"delete": {
"permissions": [
+ "ssm:GetResourcePolicies",
"ssm:DeleteResourcePolicy"
]
},
@@ -27,6 +28,7 @@
},
"update": {
"permissions": [
+ "ssm:GetResourcePolicies",
"ssm:PutResourcePolicy"
]
}
diff --git a/schema/aws-ssmincidents-replicationset.json b/schema/aws-ssmincidents-replicationset.json
index 07a78be..f2acedd 100644
--- a/schema/aws-ssmincidents-replicationset.json
+++ b/schema/aws-ssmincidents-replicationset.json
@@ -16,7 +16,9 @@
"description": "The ReplicationSet regional configuration.",
"properties": {
"SseKmsKeyId": {
- "$ref": "#/definitions/Arn"
+ "description": "The AWS Key Management Service key ID or Key Alias to use to encrypt your replication set.",
+ "maxLength": 2048,
+ "type": "string"
}
},
"required": [
@@ -155,6 +157,11 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-ssm-incidents.git",
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "ssm-incidents:TagResource",
+ "ssm-incidents:UntagResource",
+ "ssm-incidents:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-ssmincidents-responseplan.json b/schema/aws-ssmincidents-responseplan.json
index a7fcd6f..2813457 100644
--- a/schema/aws-ssmincidents-responseplan.json
+++ b/schema/aws-ssmincidents-responseplan.json
@@ -452,6 +452,11 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-ssm-incidents.git",
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "ssm-incidents:TagResource",
+ "ssm-incidents:UntagResource",
+ "ssm-incidents:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-ssmquicksetup-configurationmanager.json b/schema/aws-ssmquicksetup-configurationmanager.json
new file mode 100644
index 0000000..3722634
--- /dev/null
+++ b/schema/aws-ssmquicksetup-configurationmanager.json
@@ -0,0 +1,325 @@
+{
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/ConfigurationDefinitions/*/Type",
+ "/properties/ConfigurationDefinitions/*/TypeVersion"
+ ],
+ "definitions": {
+ "ConfigurationDefinition": {
+ "additionalProperties": false,
+ "properties": {
+ "LocalDeploymentAdministrationRoleArn": {
+ "type": "string"
+ },
+ "LocalDeploymentExecutionRoleName": {
+ "maxLength": 256,
+ "minLength": 1,
+ "type": "string"
+ },
+ "Parameters": {
+ "$ref": "#/definitions/ConfigurationParametersMap"
+ },
+ "Type": {
+ "pattern": "^[a-zA-Z0-9_\\-.:/]{3,200}$",
+ "type": "string"
+ },
+ "TypeVersion": {
+ "maxLength": 128,
+ "minLength": 1,
+ "type": "string"
+ },
+ "id": {
+ "type": "string"
+ }
+ },
+ "required": [
+ "Parameters",
+ "Type"
+ ],
+ "type": "object"
+ },
+ "ConfigurationParametersMap": {
+ "additionalProperties": false,
+ "patternProperties": {
+ "^[A-Za-z0-9+=@_\\/\\s-]+$": {
+ "maxLength": 40960,
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "Status": {
+ "enum": [
+ "INITIALIZING",
+ "DEPLOYING",
+ "SUCCEEDED",
+ "DELETING",
+ "STOPPING",
+ "FAILED",
+ "STOPPED",
+ "DELETE_FAILED",
+ "STOP_FAILED",
+ "NONE"
+ ],
+ "type": "string"
+ },
+ "StatusDetails": {
+ "additionalProperties": false,
+ "patternProperties": {
+ ".+": {
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "StatusSummary": {
+ "additionalProperties": false,
+ "properties": {
+ "LastUpdatedAt": {
+ "type": "string"
+ },
+ "Status": {
+ "$ref": "#/definitions/Status"
+ },
+ "StatusDetails": {
+ "$ref": "#/definitions/StatusDetails"
+ },
+ "StatusMessage": {
+ "type": "string"
+ },
+ "StatusType": {
+ "$ref": "#/definitions/StatusType"
+ }
+ },
+ "required": [
+ "LastUpdatedAt",
+ "StatusType"
+ ],
+ "type": "object"
+ },
+ "StatusType": {
+ "enum": [
+ "Deployment",
+ "AsyncExecutions"
+ ],
+ "type": "string"
+ },
+ "TagsMap": {
+ "additionalProperties": false,
+ "patternProperties": {
+ "^[A-Za-z0-9 +=@_\\/:.-]+$": {
+ "maxLength": 256,
+ "minLength": 1,
+ "pattern": "^[A-Za-z0-9 +=@_\\/:.-]+$",
+ "type": "string"
+ }
+ },
+ "type": "object"
+ }
+ },
+ "description": "Definition of AWS::SSMQuickSetup::ConfigurationManager Resource Type",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "iam:GetRole",
+ "iam:CreateServiceLinkedRole",
+ "iam:ListRoles",
+ "iam:PassRole",
+ "ssm-quicksetup:CreateConfigurationManager",
+ "ssm-quicksetup:GetConfigurationManager",
+ "ssm-quicksetup:TagResource",
+ "ssm-quicksetup:UntagResource",
+ "ssm-quicksetup:UpdateConfigurationManager",
+ "ssm:Describe*",
+ "ssm:Get*",
+ "ssm:List*",
+ "ssm:DeleteAssociation",
+ "ssm:CreateResourceDataSync",
+ "ssm:UpdateResourceDataSync",
+ "ssm:StartAutomationExecution",
+ "ssm:CreateAssociation",
+ "ssm:StartAssociationsOnce",
+ "cloudformation:List*",
+ "cloudformation:Describe*",
+ "cloudformation:CreateStack",
+ "cloudformation:CreateStackInstances",
+ "cloudformation:CreateStackSet",
+ "cloudformation:DeleteStack",
+ "cloudformation:DeleteStackInstances",
+ "cloudformation:DeleteStackSet",
+ "cloudformation:UpdateStack",
+ "cloudformation:UpdateStackSet",
+ "cloudformation:StopStackSetOperation",
+ "cloudformation:GetTemplate",
+ "cloudformation:RollbackStack",
+ "cloudformation:TagResource",
+ "cloudformation:UntagResource",
+ "organizations:Describe*",
+ "organizations:List*",
+ "organizations:RegisterDelegatedAdministrator",
+ "organizations:DeregisterDelegatedAdministrator",
+ "organizations:EnableAWSServiceAccess"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "ssm-quicksetup:DeleteConfigurationManager",
+ "iam:GetRole",
+ "iam:CreateServiceLinkedRole",
+ "iam:ListRoles",
+ "iam:PassRole",
+ "ssm-quicksetup:GetConfigurationManager",
+ "ssm-quicksetup:ListConfigurationManagers",
+ "ssm-quicksetup:TagResource",
+ "ssm-quicksetup:UntagResource",
+ "ssm-quicksetup:UpdateConfigurationManager",
+ "ssm:Describe*",
+ "ssm:Get*",
+ "ssm:List*",
+ "ssm:DeleteAssociation",
+ "ssm:CreateResourceDataSync",
+ "ssm:UpdateResourceDataSync",
+ "ssm:StartAutomationExecution",
+ "ssm:CreateAssociation",
+ "ssm:StartAssociationsOnce",
+ "cloudformation:List*",
+ "cloudformation:Describe*",
+ "cloudformation:CreateStack",
+ "cloudformation:CreateStackInstances",
+ "cloudformation:CreateStackSet",
+ "cloudformation:DeleteStack",
+ "cloudformation:DeleteStackInstances",
+ "cloudformation:DeleteStackSet",
+ "cloudformation:UpdateStack",
+ "cloudformation:UpdateStackSet",
+ "cloudformation:StopStackSetOperation",
+ "cloudformation:GetTemplate",
+ "cloudformation:RollbackStack",
+ "cloudformation:TagResource",
+ "cloudformation:UntagResource",
+ "organizations:Describe*",
+ "organizations:List*",
+ "organizations:RegisterDelegatedAdministrator",
+ "organizations:DeregisterDelegatedAdministrator",
+ "organizations:EnableAWSServiceAccess"
+ ]
+ },
+ "list": {
+ "permissions": [
+ "ssm-quicksetup:ListConfigurationManagers"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "ssm-quicksetup:GetConfigurationManager",
+ "iam:GetRole",
+ "iam:PassRole",
+ "iam:ListRoles",
+ "ssm:DescribeDocument",
+ "ssm:GetDocument"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "iam:GetRole",
+ "iam:CreateServiceLinkedRole",
+ "iam:ListRoles",
+ "iam:PassRole",
+ "ssm-quicksetup:GetConfigurationManager",
+ "ssm-quicksetup:TagResource",
+ "ssm-quicksetup:UntagResource",
+ "ssm-quicksetup:UpdateConfigurationManager",
+ "ssm-quicksetup:UpdateConfigurationDefinition",
+ "ssm:Describe*",
+ "ssm:Get*",
+ "ssm:List*",
+ "ssm:DeleteAssociation",
+ "ssm:CreateResourceDataSync",
+ "ssm:UpdateResourceDataSync",
+ "ssm:StartAutomationExecution",
+ "ssm:CreateAssociation",
+ "ssm:StartAssociationsOnce",
+ "cloudformation:List*",
+ "cloudformation:Describe*",
+ "cloudformation:CreateStack",
+ "cloudformation:CreateStackInstances",
+ "cloudformation:CreateStackSet",
+ "cloudformation:DeleteStack",
+ "cloudformation:DeleteStackInstances",
+ "cloudformation:DeleteStackSet",
+ "cloudformation:UpdateStack",
+ "cloudformation:UpdateStackSet",
+ "cloudformation:StopStackSetOperation",
+ "cloudformation:GetTemplate",
+ "cloudformation:RollbackStack",
+ "cloudformation:TagResource",
+ "cloudformation:UntagResource",
+ "organizations:Describe*",
+ "organizations:List*",
+ "organizations:RegisterDelegatedAdministrator",
+ "organizations:DeregisterDelegatedAdministrator",
+ "organizations:EnableAWSServiceAccess"
+ ]
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/ManagerArn"
+ ],
+ "properties": {
+ "ConfigurationDefinitions": {
+ "items": {
+ "$ref": "#/definitions/ConfigurationDefinition"
+ },
+ "type": "array"
+ },
+ "CreatedAt": {
+ "type": "string"
+ },
+ "Description": {
+ "pattern": "^.{0,512}$",
+ "type": "string"
+ },
+ "LastModifiedAt": {
+ "type": "string"
+ },
+ "ManagerArn": {
+ "type": "string"
+ },
+ "Name": {
+ "pattern": "^[ A-Za-z0-9_-]{1,50}$",
+ "type": "string"
+ },
+ "StatusSummaries": {
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/StatusSummary"
+ },
+ "type": "array"
+ },
+ "Tags": {
+ "$ref": "#/definitions/TagsMap"
+ }
+ },
+ "readOnlyProperties": [
+ "/properties/CreatedAt",
+ "/properties/LastModifiedAt",
+ "/properties/ManagerArn",
+ "/properties/StatusSummaries",
+ "/properties/ConfigurationDefinitions/*/id"
+ ],
+ "required": [
+ "ConfigurationDefinitions"
+ ],
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "ssm-quicksetup:TagResource",
+ "ssm-quicksetup:UntagResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
+ "typeName": "AWS::SSMQuickSetup::ConfigurationManager"
+}
diff --git a/schema/aws-sso-application.json b/schema/aws-sso-application.json
index cf91eed..e0452d2 100644
--- a/schema/aws-sso-application.json
+++ b/schema/aws-sso-application.json
@@ -80,7 +80,8 @@
"permissions": [
"sso:CreateApplication",
"sso:DescribeApplication",
- "sso:TagResource"
+ "sso:TagResource",
+ "sso:ListTagsForResource"
]
},
"delete": {
@@ -100,7 +101,8 @@
]
},
"permissions": [
- "sso:ListApplications"
+ "sso:ListApplications",
+ "sso:ListTagsForResource"
]
},
"read": {
@@ -191,6 +193,10 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-sso/aws-sso-application",
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "sso:TagResource",
+ "sso:UntagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-sso-instance.json b/schema/aws-sso-instance.json
index 5d977c7..6f534c4 100644
--- a/schema/aws-sso-instance.json
+++ b/schema/aws-sso-instance.json
@@ -124,6 +124,12 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-sso/aws-sso-instance",
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "sso:TagInstance",
+ "sso:TagResource",
+ "sso:UntagResource",
+ "sso:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-sso-permissionset.json b/schema/aws-sso-permissionset.json
index 1ea0cb6..217e079 100644
--- a/schema/aws-sso-permissionset.json
+++ b/schema/aws-sso-permissionset.json
@@ -223,6 +223,11 @@
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-sso/aws-sso-permissionset",
"tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "sso:TagResource",
+ "sso:UntagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-stepfunctions-activity.json b/schema/aws-stepfunctions-activity.json
index bbac964..4ce640b 100644
--- a/schema/aws-stepfunctions-activity.json
+++ b/schema/aws-stepfunctions-activity.json
@@ -57,6 +57,7 @@
"create": {
"permissions": [
"states:CreateActivity",
+ "states:DescribeActivity",
"states:TagResource",
"kms:DescribeKey"
]
@@ -121,6 +122,11 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-stepfunctions.git",
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "states:UntagResource",
+ "states:TagResource",
+ "states:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-stepfunctions-statemachine.json b/schema/aws-stepfunctions-statemachine.json
index 7cecafc..b5616a4 100644
--- a/schema/aws-stepfunctions-statemachine.json
+++ b/schema/aws-stepfunctions-statemachine.json
@@ -277,6 +277,11 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-stepfunctions.git",
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "states:UntagResource",
+ "states:TagResource",
+ "states:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-stepfunctions-statemachineversion.json b/schema/aws-stepfunctions-statemachineversion.json
index 5bbc54d..4eb8d06 100644
--- a/schema/aws-stepfunctions-statemachineversion.json
+++ b/schema/aws-stepfunctions-statemachineversion.json
@@ -2,7 +2,8 @@
"additionalProperties": false,
"createOnlyProperties": [
"/properties/StateMachineArn",
- "/properties/StateMachineRevisionId"
+ "/properties/StateMachineRevisionId",
+ "/properties/Description"
],
"definitions": {},
"description": "Resource schema for StateMachineVersion",
diff --git a/schema/aws-synthetics-canary.json b/schema/aws-synthetics-canary.json
index f49f5fc..1ee5976 100644
--- a/schema/aws-synthetics-canary.json
+++ b/schema/aws-synthetics-canary.json
@@ -54,10 +54,6 @@
"type": "string"
},
"S3Bucket": {
- "relationshipRef": {
- "propertyPath": "/properties/BucketName",
- "typeName": "AWS::S3::Bucket"
- },
"type": "string"
},
"S3Key": {
@@ -78,6 +74,13 @@
],
"type": "object"
},
+ "ResourceToTag": {
+ "description": "Specifies which resources canary tags should be replicated to.",
+ "enum": [
+ "lambda-function"
+ ],
+ "type": "string"
+ },
"RunConfig": {
"additionalProperties": false,
"properties": {
@@ -161,41 +164,23 @@
"VPCConfig": {
"additionalProperties": false,
"properties": {
+ "Ipv6AllowedForDualStack": {
+ "description": "Allow outbound IPv6 traffic on VPC canaries that are connected to dual-stack subnets if set to true",
+ "type": "boolean"
+ },
"SecurityGroupIds": {
"items": {
- "anyOf": [
- {
- "relationshipRef": {
- "propertyPath": "/properties/GroupId",
- "typeName": "AWS::EC2::SecurityGroup"
- }
- },
- {
- "relationshipRef": {
- "propertyPath": "/properties/DefaultSecurityGroup",
- "typeName": "AWS::EC2::VPC"
- }
- }
- ],
"type": "string"
},
"type": "array"
},
"SubnetIds": {
"items": {
- "relationshipRef": {
- "propertyPath": "/properties/SubnetId",
- "typeName": "AWS::EC2::Subnet"
- },
"type": "string"
},
"type": "array"
},
"VpcId": {
- "relationshipRef": {
- "propertyPath": "/properties/VpcId",
- "typeName": "AWS::EC2::VPC"
- },
"type": "string"
}
},
@@ -246,11 +231,13 @@
"lambda:CreateFunction",
"lambda:AddPermission",
"lambda:PublishVersion",
+ "lambda:UpdateFunctionCode",
"lambda:UpdateFunctionConfiguration",
"lambda:GetFunctionConfiguration",
"lambda:GetLayerVersionByArn",
"lambda:GetLayerVersion",
"lambda:PublishLayerVersion",
+ "lambda:TagResource",
"ec2:DescribeVpcs",
"ec2:DescribeSubnets",
"ec2:DescribeSecurityGroups",
@@ -260,7 +247,9 @@
"delete": {
"permissions": [
"synthetics:DeleteCanary",
- "synthetics:GetCanary"
+ "synthetics:GetCanary",
+ "lambda:DeleteFunction",
+ "lambda:DeleteLayerVersion"
]
},
"list": {
@@ -293,12 +282,19 @@
"s3:GetBucketLocation",
"lambda:AddPermission",
"lambda:PublishVersion",
+ "lambda:UpdateFunctionCode",
"lambda:UpdateFunctionConfiguration",
"lambda:GetFunctionConfiguration",
"lambda:GetLayerVersionByArn",
"lambda:GetLayerVersion",
"lambda:PublishLayerVersion",
- "iam:PassRole"
+ "lambda:ListTags",
+ "lambda:TagResource",
+ "lambda:UntagResource",
+ "iam:PassRole",
+ "ec2:DescribeVpcs",
+ "ec2:DescribeSubnets",
+ "ec2:DescribeSecurityGroups"
]
}
},
@@ -337,9 +333,25 @@
},
"Name": {
"description": "Name of the canary.",
- "pattern": "^[0-9a-z_\\-]{1,21}$",
+ "pattern": "^[0-9a-z_\\-]{1,255}$",
+ "type": "string"
+ },
+ "ProvisionedResourceCleanup": {
+ "description": "Setting to control if provisioned resources created by Synthetics are deleted alongside the canary. Default is AUTOMATIC.",
+ "enum": [
+ "AUTOMATIC",
+ "OFF"
+ ],
"type": "string"
},
+ "ResourcesToReplicateTags": {
+ "description": "List of resources which canary tags should be replicated to.",
+ "items": {
+ "$ref": "#/definitions/ResourceToTag"
+ },
+ "type": "array",
+ "uniqueItems": true
+ },
"RunConfig": {
"$ref": "#/definitions/RunConfig",
"description": "Provide canary run configuration"
@@ -395,6 +407,14 @@
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-synthetics",
"tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "synthetics:TagResource",
+ "synthetics:UntagResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
"taggable": true
},
"typeName": "AWS::Synthetics::Canary",
@@ -405,6 +425,7 @@
"/properties/Code/Script",
"/properties/DeleteLambdaResourcesOnCanaryDeletion",
"/properties/StartCanaryAfterCreation",
+ "/properties/ResourcesToReplicateTags",
"/properties/RunConfig/EnvironmentVariables",
"/properties/VisualReference"
]
diff --git a/schema/aws-synthetics-group.json b/schema/aws-synthetics-group.json
index 20893f5..6564f8d 100644
--- a/schema/aws-synthetics-group.json
+++ b/schema/aws-synthetics-group.json
@@ -6,7 +6,7 @@
"definitions": {
"ResourceArn": {
"description": "Provide Canary Arn associated with the group.",
- "pattern": "arn:(aws[a-zA-Z-]*)?:synthetics:[a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\\d{1}:\\d{12}:canary:[0-9a-z_\\-]",
+ "pattern": "arn:(aws[a-zA-Z-]*)?:synthetics:[a-z]{2}((-gov)|(-iso(b|e|f?)))?-[a-z]+-\\d{1}:\\d{12}:canary:[0-9a-z_\\-]",
"type": "string"
},
"Tag": {
@@ -112,6 +112,15 @@
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-synthetics",
"tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "synthetics:TagResource",
+ "synthetics:UntagResource",
+ "synthetics:ListTagsForResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
"taggable": true
},
"typeName": "AWS::Synthetics::Group"
diff --git a/schema/aws-systemsmanagersap-application.json b/schema/aws-systemsmanagersap-application.json
index 35de429..c6c6aee 100644
--- a/schema/aws-systemsmanagersap-application.json
+++ b/schema/aws-systemsmanagersap-application.json
@@ -4,9 +4,37 @@
"/properties/Credentials",
"/properties/Instances",
"/properties/SapInstanceNumber",
- "/properties/Sid"
+ "/properties/Sid",
+ "/properties/DatabaseArn",
+ "/properties/ComponentsInfo"
],
"definitions": {
+ "ComponentInfo": {
+ "properties": {
+ "ComponentType": {
+ "enum": [
+ "HANA",
+ "HANA_NODE",
+ "ABAP",
+ "ASCS",
+ "DIALOG",
+ "WEBDISP",
+ "WD",
+ "ERS"
+ ],
+ "type": "string"
+ },
+ "Ec2InstanceId": {
+ "pattern": "^i-[\\w\\d]{8}$|^i-[\\w\\d]{17}$",
+ "type": "string"
+ },
+ "Sid": {
+ "pattern": "[A-Z][A-Z0-9]{2}",
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
"Credential": {
"additionalProperties": false,
"properties": {
@@ -62,7 +90,8 @@
"ssm-sap:RegisterApplication",
"ssm-sap:GetApplication",
"ssm-sap:TagResource",
- "ssm-sap:ListTagsForResource"
+ "ssm-sap:ListTagsForResource",
+ "iam:CreateServiceLinkedRole"
]
},
"delete": {
@@ -96,20 +125,30 @@
],
"properties": {
"ApplicationId": {
- "pattern": "[\\w\\d]{1,50}",
+ "pattern": "[\\w\\d\\.-]{1,60}",
"type": "string"
},
"ApplicationType": {
"enum": [
- "HANA"
+ "HANA",
+ "SAP_ABAP"
],
"type": "string"
},
"Arn": {
- "description": "The ARN of the Helix application",
+ "description": "The ARN of the SSM-SAP application",
"pattern": "^arn:(.+:){2,4}.+$|^arn:(.+:){1,3}.+\\/.+$",
"type": "string"
},
+ "ComponentsInfo": {
+ "description": "This is an optional parameter for component details to which the SAP ABAP application is attached, such as Web Dispatcher.",
+ "insertionOrder": true,
+ "items": {
+ "$ref": "#/definitions/ComponentInfo"
+ },
+ "minItems": 1,
+ "type": "array"
+ },
"Credentials": {
"insertionOrder": true,
"items": {
@@ -118,6 +157,11 @@
"minItems": 1,
"type": "array"
},
+ "DatabaseArn": {
+ "description": "The ARN of the SAP HANA database",
+ "pattern": "^arn:(.+:){2,4}.+$|^arn:(.+:){1,3}.+\\/.+$",
+ "type": "string"
+ },
"Instances": {
"insertionOrder": true,
"items": {
@@ -152,6 +196,11 @@
],
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "ssm-sap:UntagResource",
+ "ssm-sap:TagResource",
+ "ssm-sap:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
@@ -162,6 +211,8 @@
"/properties/Credentials",
"/properties/Instances",
"/properties/SapInstanceNumber",
- "/properties/Sid"
+ "/properties/Sid",
+ "/properties/DatabaseArn",
+ "/properties/ComponentsInfo"
]
}
diff --git a/schema/aws-timestream-database.json b/schema/aws-timestream-database.json
index e47c9ed..d4a9ad9 100644
--- a/schema/aws-timestream-database.json
+++ b/schema/aws-timestream-database.json
@@ -95,5 +95,17 @@
"/properties/Arn"
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-timestream.git",
+ "tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "timestream:TagResource",
+ "timestream:ListTagsForResource",
+ "timestream:UntagResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
"typeName": "AWS::Timestream::Database"
}
diff --git a/schema/aws-timestream-influxdbinstance.json b/schema/aws-timestream-influxdbinstance.json
index 6571c54..a0f364e 100644
--- a/schema/aws-timestream-influxdbinstance.json
+++ b/schema/aws-timestream-influxdbinstance.json
@@ -6,13 +6,12 @@
"/properties/Password",
"/properties/Organization",
"/properties/Bucket",
- "/properties/DbInstanceType",
"/properties/VpcSubnetIds",
"/properties/VpcSecurityGroupIds",
"/properties/PubliclyAccessible",
"/properties/DbStorageType",
"/properties/AllocatedStorage",
- "/properties/DeploymentType"
+ "/properties/NetworkType"
],
"definitions": {
"Tag": {
@@ -88,7 +87,9 @@
"timestream-influxdb:UpdateDbInstance",
"timestream-influxdb:TagResource",
"timestream-influxdb:UntagResource",
- "timestream-influxdb:ListTagsForResource"
+ "timestream-influxdb:ListTagsForResource",
+ "ec2:DescribeSubnets",
+ "ec2:DescribeVpcs"
],
"timeoutInMinutes": 2160
}
@@ -211,7 +212,15 @@
"description": "The unique name that is associated with the InfluxDB instance.",
"maxLength": 40,
"minLength": 3,
- "pattern": "^[a-zA-z][a-zA-Z0-9]*(-[a-zA-Z0-9]+)*$",
+ "pattern": "^[a-zA-Z][a-zA-Z0-9]*(-[a-zA-Z0-9]+)*$",
+ "type": "string"
+ },
+ "NetworkType": {
+ "description": "Network type of the InfluxDB Instance.",
+ "enum": [
+ "IPV4",
+ "DUAL"
+ ],
"type": "string"
},
"Organization": {
@@ -227,6 +236,12 @@
"pattern": "^[a-zA-Z0-9]+$",
"type": "string"
},
+ "Port": {
+ "description": "The port number on which InfluxDB accepts connections.",
+ "maximum": 65535,
+ "minimum": 1024,
+ "type": "integer"
+ },
"PubliclyAccessible": {
"default": false,
"description": "Attach a public IP to the customer ENI.",
@@ -244,6 +259,8 @@
"DELETING",
"MODIFYING",
"UPDATING",
+ "UPDATING_DEPLOYMENT_TYPE",
+ "UPDATING_INSTANCE_TYPE",
"DELETED",
"FAILED"
],
@@ -299,6 +316,11 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-timestream.git",
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "timestream-influxdb:TagResource",
+ "timestream-influxdb:ListTagsForResource",
+ "timestream-influxdb:UntagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-timestream-scheduledquery.json b/schema/aws-timestream-scheduledquery.json
index 7d4a8c5..f34eba7 100644
--- a/schema/aws-timestream-scheduledquery.json
+++ b/schema/aws-timestream-scheduledquery.json
@@ -542,5 +542,17 @@
"ErrorReportConfiguration"
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-timestream.git",
+ "tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "timestream:TagResource",
+ "timestream:ListTagsForResource",
+ "timestream:UntagResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
"typeName": "AWS::Timestream::ScheduledQuery"
}
diff --git a/schema/aws-timestream-table.json b/schema/aws-timestream-table.json
index 48b5c4a..f958823 100644
--- a/schema/aws-timestream-table.json
+++ b/schema/aws-timestream-table.json
@@ -236,5 +236,17 @@
"DatabaseName"
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-timestream.git",
+ "tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "timestream:TagResource",
+ "timestream:ListTagsForResource",
+ "timestream:UntagResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
"typeName": "AWS::Timestream::Table"
}
diff --git a/schema/aws-transfer-agreement.json b/schema/aws-transfer-agreement.json
index 9438c05..25062fe 100644
--- a/schema/aws-transfer-agreement.json
+++ b/schema/aws-transfer-agreement.json
@@ -103,6 +103,45 @@
"pattern": "^(|/.*)$",
"type": "string"
},
+ "CustomDirectories": {
+ "additionalProperties": false,
+ "description": "Specifies a separate directory for each type of file to store for an AS2 message.",
+ "properties": {
+ "FailedFilesDirectory": {
+ "description": "Specifies a location to store the failed files for an AS2 message.",
+ "pattern": "(|/.*)",
+ "type": "string"
+ },
+ "MdnFilesDirectory": {
+ "description": "Specifies a location to store the MDN file for an AS2 message.",
+ "pattern": "(|/.*)",
+ "type": "string"
+ },
+ "PayloadFilesDirectory": {
+ "description": "Specifies a location to store the payload file for an AS2 message.",
+ "pattern": "(|/.*)",
+ "type": "string"
+ },
+ "StatusFilesDirectory": {
+ "description": "Specifies a location to store the status file for an AS2 message.",
+ "pattern": "(|/.*)",
+ "type": "string"
+ },
+ "TemporaryFilesDirectory": {
+ "description": "Specifies a location to store the temporary processing file for an AS2 message.",
+ "pattern": "(|/.*)",
+ "type": "string"
+ }
+ },
+ "required": [
+ "FailedFilesDirectory",
+ "MdnFilesDirectory",
+ "PayloadFilesDirectory",
+ "StatusFilesDirectory",
+ "TemporaryFilesDirectory"
+ ],
+ "type": "object"
+ },
"Description": {
"description": "A textual description for the agreement.",
"maxLength": 200,
@@ -110,6 +149,14 @@
"pattern": "^[\\u0021-\\u007E]+$",
"type": "string"
},
+ "EnforceMessageSigning": {
+ "description": "Specifies whether to enforce an AS2 message is signed for this agreement.",
+ "enum": [
+ "ENABLED",
+ "DISABLED"
+ ],
+ "type": "string"
+ },
"LocalProfileId": {
"description": "A unique identifier for the local profile.",
"maxLength": 19,
@@ -124,6 +171,14 @@
"pattern": "^p-([0-9a-f]{17})$",
"type": "string"
},
+ "PreserveFilename": {
+ "description": "Specifies whether to preserve the filename received for this agreement.",
+ "enum": [
+ "ENABLED",
+ "DISABLED"
+ ],
+ "type": "string"
+ },
"ServerId": {
"description": "A unique identifier for the server.",
"maxLength": 19,
@@ -158,12 +213,16 @@
"ServerId",
"LocalProfileId",
"PartnerProfileId",
- "BaseDirectory",
"AccessRole"
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-transfer",
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "transfer:ListTagsForResource",
+ "transfer:UnTagResource",
+ "transfer:TagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-transfer-certificate.json b/schema/aws-transfer-certificate.json
index d64515c..28c73c2 100644
--- a/schema/aws-transfer-certificate.json
+++ b/schema/aws-transfer-certificate.json
@@ -182,6 +182,11 @@
],
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "transfer:ListTagsForResource",
+ "transfer:UnTagResource",
+ "transfer:TagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-transfer-connector.json b/schema/aws-transfer-connector.json
index 4b720e2..3b3fc17 100644
--- a/schema/aws-transfer-connector.json
+++ b/schema/aws-transfer-connector.json
@@ -152,6 +152,14 @@
"pattern": "^p-([0-9a-f]{17})$",
"type": "string"
},
+ "PreserveContentType": {
+ "description": "Specifies whether to use the AWS S3 object content-type as the content-type for the AS2 message.",
+ "enum": [
+ "ENABLED",
+ "DISABLED"
+ ],
+ "type": "string"
+ },
"SigningAlgorithm": {
"description": "Signing algorithm for this AS2 connector configuration.",
"enum": [
@@ -245,6 +253,11 @@
],
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "transfer:ListTagsForResource",
+ "transfer:UnTagResource",
+ "transfer:TagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-transfer-profile.json b/schema/aws-transfer-profile.json
index f7b0b93..b27fc2d 100644
--- a/schema/aws-transfer-profile.json
+++ b/schema/aws-transfer-profile.json
@@ -128,6 +128,11 @@
],
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "transfer:ListTagsForResource",
+ "transfer:UnTagResource",
+ "transfer:TagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-transfer-server.json b/schema/aws-transfer-server.json
index c26dac2..b76dc98 100644
--- a/schema/aws-transfer-server.json
+++ b/schema/aws-transfer-server.json
@@ -1,39 +1,71 @@
{
+ "additionalIdentifiers": [
+ [
+ "/properties/ServerId"
+ ]
+ ],
"additionalProperties": false,
+ "conditionalCreateOnlyProperties": [
+ "/properties/EndpointDetails",
+ "/properties/EndpointDetails/AddressAllocationIds"
+ ],
"createOnlyProperties": [
- "/properties/IdentityProviderType",
- "/properties/Domain"
+ "/properties/Domain",
+ "/properties/IdentityProviderType"
],
"definitions": {
"As2Transport": {
- "additionalProperties": false,
- "type": "object"
+ "enum": [
+ "HTTP"
+ ],
+ "type": "string"
+ },
+ "DirectoryListingOptimization": {
+ "description": "Indicates whether optimization to directory listing on S3 servers is used. Disabled by default for compatibility.",
+ "enum": [
+ "ENABLED",
+ "DISABLED"
+ ],
+ "type": "string"
+ },
+ "Domain": {
+ "enum": [
+ "S3",
+ "EFS"
+ ],
+ "type": "string"
},
"EndpointDetails": {
"additionalProperties": false,
"properties": {
"AddressAllocationIds": {
+ "insertionOrder": true,
"items": {
"type": "string"
},
- "type": "array",
- "uniqueItems": false
+ "type": "array"
},
"SecurityGroupIds": {
+ "insertionOrder": false,
"items": {
+ "maxLength": 20,
+ "minLength": 11,
+ "pattern": "^sg-[0-9a-f]{8,17}$",
"type": "string"
},
- "type": "array",
- "uniqueItems": false
+ "type": "array"
},
"SubnetIds": {
+ "insertionOrder": true,
"items": {
"type": "string"
},
- "type": "array",
- "uniqueItems": false
+ "type": "array"
},
"VpcEndpointId": {
+ "maxLength": 22,
+ "minLength": 22,
+ "pattern": "^vpce-[0-9a-f]{17}$",
"type": "string"
},
"VpcId": {
@@ -42,49 +74,86 @@
},
"type": "object"
},
+ "EndpointType": {
+ "enum": [
+ "PUBLIC",
+ "VPC",
+ "VPC_ENDPOINT"
+ ],
+ "type": "string"
+ },
"IdentityProviderDetails": {
"additionalProperties": false,
"properties": {
"DirectoryId": {
+ "maxLength": 12,
+ "minLength": 12,
+ "pattern": "^d-[0-9a-f]{10}$",
"type": "string"
},
"Function": {
+ "maxLength": 170,
+ "minLength": 1,
+ "pattern": "^arn:[a-z-]+:lambda:.*$",
"type": "string"
},
"InvocationRole": {
+ "maxLength": 2048,
+ "minLength": 20,
+ "pattern": "^arn:.*role/\\S+$",
"type": "string"
},
"SftpAuthenticationMethods": {
- "type": "string"
+ "$ref": "#/definitions/SftpAuthenticationMethods"
},
"Url": {
+ "maxLength": 255,
+ "minLength": 0,
"type": "string"
}
},
"type": "object"
},
+ "IdentityProviderType": {
+ "enum": [
+ "SERVICE_MANAGED",
+ "API_GATEWAY",
+ "AWS_DIRECTORY_SERVICE",
+ "AWS_LAMBDA"
+ ],
+ "type": "string"
+ },
"Protocol": {
- "additionalProperties": false,
- "type": "object"
+ "enum": [
+ "SFTP",
+ "FTP",
+ "FTPS",
+ "AS2"
+ ],
+ "type": "string"
},
"ProtocolDetails": {
"additionalProperties": false,
"properties": {
"As2Transports": {
+ "insertionOrder": false,
"items": {
"$ref": "#/definitions/As2Transport"
},
- "type": "array",
- "uniqueItems": false
+ "maxItems": 1,
+ "minItems": 1,
+ "type": "array"
},
"PassiveIp": {
+ "maxLength": 15,
+ "minLength": 0,
"type": "string"
},
"SetStatOption": {
- "type": "string"
+ "$ref": "#/definitions/SetStatOption"
},
"TlsSessionResumptionMode": {
- "type": "string"
+ "$ref": "#/definitions/TlsSessionResumptionMode"
}
},
"type": "object"
@@ -93,44 +162,85 @@
"additionalProperties": false,
"properties": {
"DirectoryListingOptimization": {
- "type": "string"
+ "$ref": "#/definitions/DirectoryListingOptimization"
}
},
"type": "object"
},
- "StructuredLogDestination": {
- "additionalProperties": false,
- "type": "object"
+ "SetStatOption": {
+ "enum": [
+ "DEFAULT",
+ "ENABLE_NO_OP"
+ ],
+ "type": "string"
+ },
+ "SftpAuthenticationMethods": {
+ "enum": [
+ "PASSWORD",
+ "PUBLIC_KEY",
+ "PUBLIC_KEY_OR_PASSWORD",
+ "PUBLIC_KEY_AND_PASSWORD"
+ ],
+ "type": "string"
+ },
+ "State": {
+ "enum": [
+ "OFFLINE",
+ "ONLINE",
+ "STARTING",
+ "STOPPING",
+ "START_FAILED",
+ "STOP_FAILED"
+ ],
+ "type": "string"
},
"Tag": {
"additionalProperties": false,
"properties": {
"Key": {
+ "maxLength": 128,
+ "minLength": 0,
"type": "string"
},
"Value": {
+ "maxLength": 256,
+ "minLength": 0,
"type": "string"
}
},
"required": [
- "Value",
- "Key"
+ "Key",
+ "Value"
],
"type": "object"
},
+ "TlsSessionResumptionMode": {
+ "enum": [
+ "DISABLED",
+ "ENABLED",
+ "ENFORCED"
+ ],
+ "type": "string"
+ },
"WorkflowDetail": {
"additionalProperties": false,
"properties": {
"ExecutionRole": {
+ "maxLength": 2048,
+ "minLength": 20,
+ "pattern": "^arn:.*role/\\S+$",
"type": "string"
},
"WorkflowId": {
+ "maxLength": 19,
+ "minLength": 19,
+ "pattern": "^w-([a-z0-9]{17})$",
"type": "string"
}
},
"required": [
- "WorkflowId",
- "ExecutionRole"
+ "ExecutionRole",
+ "WorkflowId"
],
"type": "object"
},
@@ -138,98 +248,244 @@
"additionalProperties": false,
"properties": {
"OnPartialUpload": {
+ "insertionOrder": true,
"items": {
"$ref": "#/definitions/WorkflowDetail"
},
- "type": "array",
- "uniqueItems": false
+ "maxItems": 1,
+ "minItems": 0,
+ "type": "array"
},
"OnUpload": {
+ "insertionOrder": true,
"items": {
"$ref": "#/definitions/WorkflowDetail"
},
- "type": "array",
- "uniqueItems": false
+ "maxItems": 1,
+ "minItems": 0,
+ "type": "array"
}
},
"type": "object"
}
},
- "description": "Resource Type definition for AWS::Transfer::Server",
+ "description": "Definition of AWS::Transfer::Server Resource Type",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "apigateway:GET",
+ "ds:AuthorizeApplication",
+ "ds:DescribeDirectories",
+ "ec2:AssociateAddress",
+ "ec2:CreateVpcEndpoint",
+ "ec2:DescribeAddresses",
+ "ec2:DescribeNetworkInterfaces",
+ "ec2:DescribeVpcEndpoints",
+ "iam:PassRole",
+ "logs:CreateLogDelivery",
+ "logs:DeleteLogDelivery",
+ "logs:DescribeLogGroups",
+ "logs:DescribeResourcePolicies",
+ "logs:GetLogDelivery",
+ "logs:ListLogDeliveries",
+ "logs:PutResourcePolicy",
+ "logs:UpdateLogDelivery",
+ "transfer:CreateServer",
+ "transfer:DescribeServer",
+ "transfer:StartServer",
+ "transfer:StopServer",
+ "transfer:TagResource",
+ "transfer:UpdateServer"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "ds:DescribeDirectories",
+ "ds:UnauthorizeApplication",
+ "ec2:DeleteVpcEndpoints",
+ "ec2:DescribeAddresses",
+ "ec2:DescribeNetworkInterfaces",
+ "ec2:DescribeVpcEndpoints",
+ "ec2:DisassociateAddress",
+ "logs:DeleteLogDelivery",
+ "logs:GetLogDelivery",
+ "logs:ListLogDeliveries",
+ "transfer:DeleteServer"
+ ]
+ },
+ "list": {
+ "permissions": [
+ "transfer:ListServers"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "ec2:DescribeVpcEndpoints",
+ "transfer:DescribeServer"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "apigateway:GET",
+ "ec2:AssociateAddress",
+ "ec2:CreateVpcEndpoint",
+ "ec2:DeleteVpcEndpoints",
+ "ec2:DescribeAddresses",
+ "ec2:DescribeNetworkInterfaces",
+ "ec2:DescribeVpcEndpoints",
+ "ec2:DisassociateAddress",
+ "ec2:ModifyVpcEndpoint",
+ "iam:PassRole",
+ "logs:CreateLogDelivery",
+ "logs:DeleteLogDelivery",
+ "logs:DescribeLogGroups",
+ "logs:DescribeResourcePolicies",
+ "logs:GetLogDelivery",
+ "logs:ListLogDeliveries",
+ "logs:PutResourcePolicy",
+ "logs:UpdateLogDelivery",
+ "transfer:DescribeServer",
+ "transfer:StartServer",
+ "transfer:StopServer",
+ "transfer:TagResource",
+ "transfer:UnTagResource",
+ "transfer:UpdateServer"
+ ]
+ }
+ },
"primaryIdentifier": [
- "/properties/ServerId"
+ "/properties/Arn"
],
"properties": {
"Arn": {
+ "maxLength": 1600,
+ "minLength": 20,
+ "pattern": "^arn:\\S+$",
"type": "string"
},
+ "As2ServiceManagedEgressIpAddresses": {
+ "description": "The list of egress IP addresses of this server. These IP addresses are only relevant for servers that use the AS2 protocol. They are used for sending asynchronous MDNs. These IP addresses are assigned automatically when you create an AS2 server. Additionally, if you update an existing server and add the AS2 protocol, static IP addresses are assigned as well.",
+ "insertionOrder": false,
+ "items": {
+ "pattern": "^\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}$",
+ "type": "string"
+ },
+ "type": "array"
+ },
"Certificate": {
+ "maxLength": 1600,
+ "minLength": 0,
"type": "string"
},
"Domain": {
- "type": "string"
+ "$ref": "#/definitions/Domain"
},
"EndpointDetails": {
"$ref": "#/definitions/EndpointDetails"
},
"EndpointType": {
- "type": "string"
+ "$ref": "#/definitions/EndpointType"
},
"IdentityProviderDetails": {
"$ref": "#/definitions/IdentityProviderDetails"
},
"IdentityProviderType": {
- "type": "string"
+ "$ref": "#/definitions/IdentityProviderType"
},
"LoggingRole": {
+ "maxLength": 2048,
+ "minLength": 0,
+ "pattern": "^(|arn:.*role/\\S+)$",
"type": "string"
},
"PostAuthenticationLoginBanner": {
+ "maxLength": 4096,
+ "minLength": 0,
+ "pattern": "^[\\x09-\\x0D\\x20-\\x7E]*$",
"type": "string"
},
"PreAuthenticationLoginBanner": {
+ "maxLength": 4096,
+ "minLength": 0,
+ "pattern": "^[\\x09-\\x0D\\x20-\\x7E]*$",
"type": "string"
},
"ProtocolDetails": {
"$ref": "#/definitions/ProtocolDetails"
},
"Protocols": {
+ "insertionOrder": false,
"items": {
"$ref": "#/definitions/Protocol"
},
- "type": "array",
- "uniqueItems": false
+ "maxItems": 4,
+ "minItems": 1,
+ "type": "array"
},
"S3StorageOptions": {
"$ref": "#/definitions/S3StorageOptions"
},
"SecurityPolicyName": {
+ "maxLength": 100,
+ "minLength": 0,
+ "pattern": "^TransferSecurityPolicy-.+$",
"type": "string"
},
"ServerId": {
+ "maxLength": 19,
+ "minLength": 19,
+ "pattern": "^s-([0-9a-f]{17})$",
"type": "string"
},
+ "State": {
+ "$ref": "#/definitions/State"
+ },
"StructuredLogDestinations": {
+ "insertionOrder": false,
"items": {
- "$ref": "#/definitions/StructuredLogDestination"
+ "maxLength": 1600,
+ "minLength": 20,
+ "pattern": "^arn:\\S+$",
+ "type": "string"
},
- "type": "array",
- "uniqueItems": false
+ "maxItems": 1,
+ "minItems": 0,
+ "type": "array"
},
"Tags": {
+ "insertionOrder": false,
"items": {
"$ref": "#/definitions/Tag"
},
- "type": "array",
- "uniqueItems": false
+ "maxItems": 50,
+ "minItems": 1,
+ "type": "array"
},
"WorkflowDetails": {
"$ref": "#/definitions/WorkflowDetails"
}
},
"readOnlyProperties": [
+ "/properties/Arn",
+ "/properties/As2ServiceManagedEgressIpAddresses",
"/properties/ServerId",
- "/properties/Arn"
+ "/properties/State"
],
- "typeName": "AWS::Transfer::Server"
+ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-transfer",
+ "tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "transfer:TagResource",
+ "transfer:UnTagResource",
+ "transfer:ListTagsForResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
+ "typeName": "AWS::Transfer::Server",
+ "writeOnlyProperties": [
+ "/properties/IdentityProviderType"
+ ]
}
diff --git a/schema/aws-transfer-user.json b/schema/aws-transfer-user.json
index fa75668..40804cb 100644
--- a/schema/aws-transfer-user.json
+++ b/schema/aws-transfer-user.json
@@ -1,4 +1,10 @@
{
+ "additionalIdentifiers": [
+ [
+ "/properties/ServerId",
+ "/properties/UserName"
+ ]
+ ],
"additionalProperties": false,
"createOnlyProperties": [
"/properties/ServerId",
@@ -9,13 +15,19 @@
"additionalProperties": false,
"properties": {
"Entry": {
+ "maxLength": 1024,
+ "minLength": 0,
+ "pattern": "^/.*$",
"type": "string"
},
"Target": {
+ "maxLength": 1024,
+ "minLength": 0,
+ "pattern": "^/.*$",
"type": "string"
},
"Type": {
- "type": "string"
+ "$ref": "#/definitions/MapType"
}
},
"required": [
@@ -24,106 +36,196 @@
],
"type": "object"
},
+ "HomeDirectoryType": {
+ "enum": [
+ "PATH",
+ "LOGICAL"
+ ],
+ "type": "string"
+ },
+ "MapType": {
+ "enum": [
+ "FILE",
+ "DIRECTORY"
+ ],
+ "type": "string"
+ },
"PosixProfile": {
"additionalProperties": false,
"properties": {
"Gid": {
+ "maximum": 4294967295,
+ "minimum": 0,
"type": "number"
},
"SecondaryGids": {
+ "insertionOrder": false,
"items": {
+ "maximum": 4294967295,
+ "minimum": 0,
"type": "number"
},
- "type": "array",
- "uniqueItems": false
+ "maxItems": 16,
+ "minItems": 0,
+ "type": "array"
},
"Uid": {
+ "maximum": 4294967295,
+ "minimum": 0,
"type": "number"
}
},
"required": [
- "Uid",
- "Gid"
+ "Gid",
+ "Uid"
],
"type": "object"
},
- "SshPublicKey": {
- "additionalProperties": false,
- "type": "object"
- },
"Tag": {
"additionalProperties": false,
"properties": {
"Key": {
+ "maxLength": 128,
+ "minLength": 0,
"type": "string"
},
"Value": {
+ "maxLength": 256,
+ "minLength": 0,
"type": "string"
}
},
"required": [
- "Value",
- "Key"
+ "Key",
+ "Value"
],
"type": "object"
}
},
- "description": "Resource Type definition for AWS::Transfer::User",
+ "description": "Definition of AWS::Transfer::User Resource Type",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "iam:PassRole",
+ "transfer:CreateUser",
+ "transfer:DescribeUser",
+ "transfer:ImportSshPublicKey",
+ "transfer:TagResource"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "transfer:DeleteUser"
+ ]
+ },
+ "list": {
+ "handlerSchema": {
+ "properties": {
+ "ServerId": {
+ "$ref": "resource-schema.json#/properties/ServerId"
+ }
+ },
+ "required": [
+ "ServerId"
+ ]
+ },
+ "permissions": [
+ "transfer:ListUsers"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "transfer:DescribeUser"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "iam:PassRole",
+ "transfer:DeleteSshPublicKey",
+ "transfer:DescribeUser",
+ "transfer:ImportSshPublicKey",
+ "transfer:TagResource",
+ "transfer:UnTagResource",
+ "transfer:UpdateUser"
+ ]
+ }
+ },
"primaryIdentifier": [
- "/properties/Id"
+ "/properties/Arn"
],
"properties": {
"Arn": {
+ "maxLength": 1600,
+ "minLength": 20,
+ "pattern": "^arn:\\S+$",
"type": "string"
},
"HomeDirectory": {
+ "maxLength": 1024,
+ "minLength": 0,
+ "pattern": "^(|/.*)$",
"type": "string"
},
"HomeDirectoryMappings": {
+ "insertionOrder": false,
"items": {
"$ref": "#/definitions/HomeDirectoryMapEntry"
},
- "type": "array",
- "uniqueItems": false
+ "maxItems": 50000,
+ "minItems": 1,
+ "type": "array"
},
"HomeDirectoryType": {
- "type": "string"
- },
- "Id": {
- "type": "string"
+ "$ref": "#/definitions/HomeDirectoryType"
},
"Policy": {
+ "maxLength": 2048,
+ "minLength": 0,
"type": "string"
},
"PosixProfile": {
"$ref": "#/definitions/PosixProfile"
},
"Role": {
+ "maxLength": 2048,
+ "minLength": 20,
+ "pattern": "^arn:.*role/\\S+$",
"type": "string"
},
"ServerId": {
+ "maxLength": 19,
+ "minLength": 19,
+ "pattern": "^s-([0-9a-f]{17})$",
"type": "string"
},
"SshPublicKeys": {
+ "description": "This represents the SSH User Public Keys for CloudFormation resource",
+ "insertionOrder": false,
"items": {
- "$ref": "#/definitions/SshPublicKey"
+ "maxLength": 2048,
+ "minLength": 0,
+ "pattern": "^\\s*(ssh|ecdsa)-[a-z0-9-]+[ \\t]+(([A-Za-z0-9+/]{4})*([A-Za-z0-9+/]{1,3})?(={0,3})?)(\\s*|[ \\t]+[\\S \\t]*\\s*)$",
+ "type": "string"
},
- "type": "array",
- "uniqueItems": false
+ "type": "array"
},
"Tags": {
+ "insertionOrder": false,
"items": {
"$ref": "#/definitions/Tag"
},
- "type": "array",
- "uniqueItems": false
+ "maxItems": 50,
+ "minItems": 1,
+ "type": "array"
},
"UserName": {
+ "maxLength": 100,
+ "minLength": 3,
+ "pattern": "^[\\w][\\w@.-]{2,99}$",
"type": "string"
}
},
"readOnlyProperties": [
- "/properties/Id",
"/properties/Arn"
],
"required": [
@@ -131,5 +233,18 @@
"ServerId",
"UserName"
],
+ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-transfer",
+ "tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "transfer:TagResource",
+ "transfer:UnTagResource",
+ "transfer:ListTagsForResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
"typeName": "AWS::Transfer::User"
}
diff --git a/schema/aws-transfer-webapp.json b/schema/aws-transfer-webapp.json
new file mode 100644
index 0000000..2d0c2a4
--- /dev/null
+++ b/schema/aws-transfer-webapp.json
@@ -0,0 +1,240 @@
+{
+ "additionalIdentifiers": [
+ [
+ "/properties/WebAppId"
+ ]
+ ],
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/WebAppEndpointPolicy",
+ "/properties/IdentityProviderDetails/InstanceArn"
+ ],
+ "definitions": {
+ "IdentityProviderDetails": {
+ "additionalProperties": false,
+ "description": "You can provide a structure that contains the details for the identity provider to use with your web app.",
+ "properties": {
+ "ApplicationArn": {
+ "maxLength": 1224,
+ "minLength": 10,
+ "pattern": "^arn:[\\w-]+:sso::\\d{12}:application/(sso)?ins-[a-zA-Z0-9-.]{16}/apl-[a-zA-Z0-9]{16}$",
+ "type": "string"
+ },
+ "InstanceArn": {
+ "description": "The Amazon Resource Name (ARN) for the IAM Identity Center used for the web app.",
+ "maxLength": 1224,
+ "minLength": 10,
+ "pattern": "^arn:[\\w-]+:sso:::instance/(sso)?ins-[a-zA-Z0-9-.]{16}$",
+ "type": "string"
+ },
+ "Role": {
+ "description": "The IAM role in IAM Identity Center used for the web app.",
+ "maxLength": 2048,
+ "minLength": 20,
+ "pattern": "^arn:[a-z-]+:iam::[0-9]{12}:role[:/]\\S+$",
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "Tag": {
+ "additionalProperties": false,
+ "description": "Key-value pair that can be used to group and search for web apps.",
+ "properties": {
+ "Key": {
+ "maxLength": 128,
+ "minLength": 0,
+ "type": "string"
+ },
+ "Value": {
+ "maxLength": 256,
+ "minLength": 0,
+ "type": "string"
+ }
+ },
+ "required": [
+ "Key",
+ "Value"
+ ],
+ "type": "object"
+ },
+ "WebAppCustomization": {
+ "additionalProperties": false,
+ "properties": {
+ "FaviconFile": {
+ "description": "Specifies a favicon to display in the browser tab.",
+ "maxLength": 20960,
+ "minLength": 1,
+ "type": "string"
+ },
+ "LogoFile": {
+ "description": "Specifies a logo to display on the web app.",
+ "maxLength": 51200,
+ "minLength": 1,
+ "type": "string"
+ },
+ "Title": {
+ "description": "Specifies a title to display on the web app.",
+ "maxLength": 100,
+ "minLength": 0,
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "WebAppEndpointPolicy": {
+ "enum": [
+ "STANDARD",
+ "FIPS"
+ ],
+ "type": "string"
+ },
+ "WebAppUnits": {
+ "oneOf": [
+ {
+ "additionalProperties": false,
+ "description": "A union that contains the value for number of concurrent connections or the user sessions on your web app.",
+ "properties": {
+ "Provisioned": {
+ "minimum": 1,
+ "type": "integer"
+ }
+ },
+ "required": [
+ "Provisioned"
+ ],
+ "title": "Provisioned",
+ "type": "object"
+ }
+ ]
+ }
+ },
+ "description": "Resource Type definition for AWS::Transfer::WebApp",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "transfer:CreateWebApp",
+ "transfer:DescribeWebApp",
+ "transfer:DescribeWebAppCustomization",
+ "transfer:TagResource",
+ "transfer:UpdateWebAppCustomization",
+ "iam:PassRole",
+ "sso:CreateApplication",
+ "sso:DescribeApplication",
+ "sso:ListApplications",
+ "sso:PutApplicationGrant",
+ "sso:GetApplicationGrant",
+ "sso:ListApplicationGrants",
+ "sso:PutApplicationAuthenticationMethod",
+ "sso:GetApplicationAuthenticationMethod",
+ "sso:ListApplicationAuthenticationMethods",
+ "sso:PutApplicationAccessScope",
+ "sso:GetApplicationAccessScope",
+ "sso:ListApplicationAccessScopes"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "transfer:DeleteWebApp",
+ "sso:DescribeApplication",
+ "sso:DeleteApplication"
+ ]
+ },
+ "list": {
+ "permissions": [
+ "transfer:ListWebApps"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "transfer:DescribeWebApp",
+ "transfer:DescribeWebAppCustomization"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "transfer:DescribeWebApp",
+ "transfer:DescribeWebAppCustomization",
+ "transfer:UpdateWebApp",
+ "transfer:UpdateWebAppCustomization",
+ "transfer:DeleteWebAppCustomization",
+ "transfer:UnTagResource",
+ "transfer:TagResource",
+ "iam:PassRole",
+ "sso:PutApplicationGrant",
+ "sso:GetApplicationGrant",
+ "sso:ListApplicationGrants",
+ "sso:UpdateApplication",
+ "sso:DescribeApplication",
+ "sso:ListApplications"
+ ]
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/Arn"
+ ],
+ "properties": {
+ "AccessEndpoint": {
+ "description": "The AccessEndpoint is the URL that you provide to your users for them to interact with the Transfer Family web app. You can specify a custom URL or use the default value.",
+ "maxLength": 1024,
+ "minLength": 1,
+ "type": "string"
+ },
+ "Arn": {
+ "description": "Specifies the unique Amazon Resource Name (ARN) for the web app.",
+ "maxLength": 1600,
+ "minLength": 20,
+ "pattern": "arn:.*",
+ "type": "string"
+ },
+ "IdentityProviderDetails": {
+ "$ref": "#/definitions/IdentityProviderDetails"
+ },
+ "Tags": {
+ "description": "Key-value pairs that can be used to group and search for web apps.",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/Tag"
+ },
+ "maxItems": 50,
+ "type": "array"
+ },
+ "WebAppCustomization": {
+ "$ref": "#/definitions/WebAppCustomization"
+ },
+ "WebAppEndpointPolicy": {
+ "$ref": "#/definitions/WebAppEndpointPolicy"
+ },
+ "WebAppId": {
+ "description": "A unique identifier for the web app.",
+ "maxLength": 24,
+ "minLength": 24,
+ "pattern": "^webapp-([0-9a-f]{17})$",
+ "type": "string"
+ },
+ "WebAppUnits": {
+ "$ref": "#/definitions/WebAppUnits"
+ }
+ },
+ "readOnlyProperties": [
+ "/properties/Arn",
+ "/properties/WebAppId",
+ "/properties/IdentityProviderDetails/ApplicationArn"
+ ],
+ "required": [
+ "IdentityProviderDetails"
+ ],
+ "tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "transfer:TagResource",
+ "transfer:UnTagResource",
+ "transfer:ListTagsForResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
+ "typeName": "AWS::Transfer::WebApp"
+}
diff --git a/schema/aws-transfer-workflow.json b/schema/aws-transfer-workflow.json
index ae9255e..86ea478 100644
--- a/schema/aws-transfer-workflow.json
+++ b/schema/aws-transfer-workflow.json
@@ -391,6 +391,11 @@
],
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "transfer:ListTagsForResource",
+ "transfer:UnTagResource",
+ "transfer:TagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-voiceid-domain.json b/schema/aws-voiceid-domain.json
index 7b5a78f..759e70a 100644
--- a/schema/aws-voiceid-domain.json
+++ b/schema/aws-voiceid-domain.json
@@ -128,15 +128,14 @@
],
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "voiceid:TagResource",
+ "voiceid:UntagResource"
+ ],
"tagOnCreate": true,
- "tagProperty": "#/properties/Tags",
+ "tagProperty": "/properties/Tags",
"tagUpdatable": true,
"taggable": true
},
- "typeName": "AWS::VoiceID::Domain",
- "writeOnlyProperties": [
- "/properties/Description",
- "/properties/Name",
- "/properties/ServerSideEncryptionConfiguration"
- ]
+ "typeName": "AWS::VoiceID::Domain"
}
diff --git a/schema/aws-vpclattice-accesslogsubscription.json b/schema/aws-vpclattice-accesslogsubscription.json
index ac1d47a..36c6735 100644
--- a/schema/aws-vpclattice-accesslogsubscription.json
+++ b/schema/aws-vpclattice-accesslogsubscription.json
@@ -4,7 +4,9 @@
"/properties/Id"
],
[
- "/properties/ResourceIdentifier"
+ "/properties/ResourceIdentifier",
+ "/properties/DestinationArn",
+ "/properties/ServiceNetworkLogType"
]
],
"additionalProperties": false,
@@ -89,7 +91,8 @@
]
},
"permissions": [
- "vpc-lattice:ListAccessLogSubscriptions"
+ "vpc-lattice:ListAccessLogSubscriptions",
+ "logs:GetLogDelivery"
]
},
"read": {
@@ -103,6 +106,7 @@
"permissions": [
"vpc-lattice:GetAccessLogSubscription",
"vpc-lattice:UpdateAccessLogSubscription",
+ "vpc-lattice:ListTagsForResource",
"vpc-lattice:TagResource",
"vpc-lattice:UntagResource",
"logs:UpdateLogDelivery",
@@ -161,8 +165,15 @@
},
"ResourceIdentifier": {
"maxLength": 2048,
- "minLength": 20,
- "pattern": "^((((sn)|(svc))-[0-9a-z]{17})|(arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:((servicenetwork/sn)|(service/svc))-[0-9a-z]{17}))$",
+ "minLength": 17,
+ "pattern": "^((((sn)|(svc)|(rcfg))-[0-9a-z]{17})|(arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:((servicenetwork/sn)|(resourceconfiguration/rcfg)|(service/svc))-[0-9a-z]{17}))$",
+ "type": "string"
+ },
+ "ServiceNetworkLogType": {
+ "enum": [
+ "SERVICE",
+ "RESOURCE"
+ ],
"type": "string"
},
"Tags": {
@@ -187,6 +198,11 @@
],
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "vpc-lattice:UntagResource",
+ "vpc-lattice:TagResource",
+ "vpc-lattice:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-vpclattice-authpolicy.json b/schema/aws-vpclattice-authpolicy.json
index 9bb7a39..b7a4c66 100644
--- a/schema/aws-vpclattice-authpolicy.json
+++ b/schema/aws-vpclattice-authpolicy.json
@@ -38,7 +38,7 @@
},
"ResourceIdentifier": {
"maxLength": 200,
- "minLength": 21,
+ "minLength": 17,
"pattern": "^((((sn)|(svc))-[0-9a-z]{17})|(arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:((servicenetwork/sn)|(service/svc))-[0-9a-z]{17}))$",
"type": "string"
},
diff --git a/schema/aws-vpclattice-listener.json b/schema/aws-vpclattice-listener.json
index 1e1f8f7..502b232 100644
--- a/schema/aws-vpclattice-listener.json
+++ b/schema/aws-vpclattice-listener.json
@@ -90,7 +90,7 @@
},
"Weight": {
"maximum": 999,
- "minimum": 1,
+ "minimum": 0,
"type": "integer"
}
},
@@ -231,6 +231,11 @@
],
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "vpc-lattice:UntagResource",
+ "vpc-lattice:TagResource",
+ "vpc-lattice:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-vpclattice-resourceconfiguration.json b/schema/aws-vpclattice-resourceconfiguration.json
new file mode 100644
index 0000000..574c3b4
--- /dev/null
+++ b/schema/aws-vpclattice-resourceconfiguration.json
@@ -0,0 +1,258 @@
+{
+ "additionalIdentifiers": [
+ [
+ "/properties/Id"
+ ]
+ ],
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/ResourceGatewayId",
+ "/properties/ResourceConfigurationType",
+ "/properties/ProtocolType",
+ "/properties/ResourceConfigurationAuthType"
+ ],
+ "definitions": {
+ "ArnResource": {
+ "maxLength": 1224,
+ "pattern": "^arn.*",
+ "type": "string"
+ },
+ "DnsResource": {
+ "additionalProperties": false,
+ "properties": {
+ "DomainName": {
+ "maxLength": 255,
+ "minLength": 3,
+ "type": "string"
+ },
+ "IpAddressType": {
+ "enum": [
+ "IPV4",
+ "IPV6",
+ "DUALSTACK"
+ ],
+ "type": "string"
+ }
+ },
+ "required": [
+ "DomainName",
+ "IpAddressType"
+ ],
+ "type": "object"
+ },
+ "Id": {
+ "maxLength": 22,
+ "minLength": 22,
+ "pattern": "^rcfg-[0-9a-z]{17}$",
+ "type": "string"
+ },
+ "IpResource": {
+ "maxLength": 39,
+ "minLength": 4,
+ "type": "string"
+ },
+ "PortRange": {
+ "maxLength": 11,
+ "minLength": 1,
+ "pattern": "^((\\d{1,5}\\-\\d{1,5})|(\\d+))$",
+ "type": "string"
+ },
+ "Tag": {
+ "additionalProperties": false,
+ "properties": {
+ "Key": {
+ "maxLength": 128,
+ "minLength": 1,
+ "type": "string"
+ },
+ "Value": {
+ "maxLength": 256,
+ "minLength": 1,
+ "type": "string"
+ }
+ },
+ "required": [
+ "Key"
+ ],
+ "type": "object"
+ }
+ },
+ "description": "VpcLattice ResourceConfiguration CFN resource",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "ec2:DescribeSubnets",
+ "vpc-lattice:CreateResourceConfiguration",
+ "vpc-lattice:GetResourceConfiguration",
+ "vpc-lattice:TagResource",
+ "vpc-lattice:ListTagsForResource"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "vpc-lattice:DeleteResourceConfiguration",
+ "vpc-lattice:GetResourceConfiguration",
+ "vpc-lattice:UntagResource"
+ ]
+ },
+ "list": {
+ "permissions": [
+ "vpc-lattice:ListResourceConfigurations"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "vpc-lattice:GetResourceConfiguration",
+ "vpc-lattice:ListTagsForResource"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "ec2:DescribeSubnets",
+ "vpc-lattice:TagResource",
+ "vpc-lattice:UntagResource",
+ "vpc-lattice:ListTagsForResource",
+ "vpc-lattice:UpdateResourceConfiguration",
+ "vpc-lattice:GetResourceConfiguration"
+ ]
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/Arn"
+ ],
+ "properties": {
+ "AllowAssociationToSharableServiceNetwork": {
+ "type": "boolean"
+ },
+ "Arn": {
+ "maxLength": 2048,
+ "minLength": 20,
+ "pattern": "^arn:[a-z0-9f\\-]+:vpc-lattice:[a-zA-Z0-9\\-]+:\\d{12}:resourceconfiguration/rcfg-[0-9a-z]{17}$",
+ "type": "string"
+ },
+ "Id": {
+ "$ref": "#/definitions/Id"
+ },
+ "Name": {
+ "maxLength": 40,
+ "minLength": 3,
+ "pattern": "^(?!rcfg-)(?![-])(?!.*[-]$)(?!.*[-]{2})[a-z0-9-]+$",
+ "type": "string"
+ },
+ "PortRanges": {
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/PortRange"
+ },
+ "type": "array"
+ },
+ "ProtocolType": {
+ "enum": [
+ "TCP"
+ ],
+ "type": "string"
+ },
+ "ResourceConfigurationAuthType": {
+ "enum": [
+ "NONE",
+ "AWS_IAM"
+ ],
+ "type": "string"
+ },
+ "ResourceConfigurationDefinition": {
+ "oneOf": [
+ {
+ "additionalProperties": false,
+ "properties": {
+ "IpResource": {
+ "$ref": "#/definitions/IpResource"
+ }
+ },
+ "required": [
+ "IpResource"
+ ],
+ "title": "IpResource",
+ "type": "object"
+ },
+ {
+ "additionalProperties": false,
+ "properties": {
+ "ArnResource": {
+ "$ref": "#/definitions/ArnResource"
+ }
+ },
+ "required": [
+ "ArnResource"
+ ],
+ "title": "ArnResource",
+ "type": "object"
+ },
+ {
+ "additionalProperties": false,
+ "properties": {
+ "DnsResource": {
+ "$ref": "#/definitions/DnsResource"
+ }
+ },
+ "required": [
+ "DnsResource"
+ ],
+ "title": "DnsResource",
+ "type": "object"
+ }
+ ],
+ "type": "object"
+ },
+ "ResourceConfigurationGroupId": {
+ "$ref": "#/definitions/Id"
+ },
+ "ResourceConfigurationType": {
+ "enum": [
+ "GROUP",
+ "CHILD",
+ "SINGLE",
+ "ARN"
+ ],
+ "type": "string"
+ },
+ "ResourceGatewayId": {
+ "type": "string"
+ },
+ "Tags": {
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/Tag"
+ },
+ "maxItems": 50,
+ "minItems": 0,
+ "type": "array",
+ "uniqueItems": true
+ }
+ },
+ "readOnlyProperties": [
+ "/properties/Id",
+ "/properties/Arn"
+ ],
+ "required": [
+ "Name",
+ "ResourceConfigurationType"
+ ],
+ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git",
+ "tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "vpc-lattice:UntagResource",
+ "vpc-lattice:TagResource",
+ "vpc-lattice:ListTagsForResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
+ "typeName": "AWS::VpcLattice::ResourceConfiguration",
+ "writeOnlyProperties": [
+ "/properties/ResourceConfigurationAuthType",
+ "/properties/ResourceConfigurationGroupId"
+ ]
+}
diff --git a/schema/aws-vpclattice-resourcegateway.json b/schema/aws-vpclattice-resourcegateway.json
new file mode 100644
index 0000000..48e4fef
--- /dev/null
+++ b/schema/aws-vpclattice-resourcegateway.json
@@ -0,0 +1,189 @@
+{
+ "additionalIdentifiers": [
+ [
+ "/properties/Id"
+ ]
+ ],
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/VpcIdentifier",
+ "/properties/SubnetIds",
+ "/properties/IpAddressType",
+ "/properties/Name"
+ ],
+ "definitions": {
+ "Tag": {
+ "additionalProperties": false,
+ "properties": {
+ "Key": {
+ "maxLength": 128,
+ "minLength": 1,
+ "type": "string"
+ },
+ "Value": {
+ "maxLength": 256,
+ "minLength": 1,
+ "type": "string"
+ }
+ },
+ "required": [
+ "Key"
+ ],
+ "type": "object"
+ }
+ },
+ "description": "Creates a resource gateway for a service. ",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "vpc-lattice:CreateResourceGateway",
+ "vpc-lattice:GetResourceGateway",
+ "vpc-lattice:TagResource",
+ "vpc-lattice:ListTagsForResource",
+ "ec2:DescribeVpcs",
+ "ec2:DescribeSubnets",
+ "ec2:DescribeSecurityGroups"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "vpc-lattice:DeleteResourceGateway",
+ "vpc-lattice:GetResourceGateway",
+ "vpc-lattice:UntagResource"
+ ]
+ },
+ "list": {
+ "permissions": [
+ "vpc-lattice:ListResourceGateways"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "vpc-lattice:GetResourceGateway",
+ "vpc-lattice:ListTagsForResource"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "vpc-lattice:UpdateResourceGateway",
+ "vpc-lattice:GetResourceGateway",
+ "vpc-lattice:TagResource",
+ "vpc-lattice:UntagResource",
+ "vpc-lattice:ListTagsForResource",
+ "ec2:DescribeVpcs",
+ "ec2:DescribeSubnets",
+ "ec2:DescribeSecurityGroups"
+ ]
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/Arn"
+ ],
+ "properties": {
+ "Arn": {
+ "maxLength": 2048,
+ "minLength": 20,
+ "pattern": "^arn:[a-z0-9\\-]+:vpc-lattice:[a-zA-Z0-9\\-]+:\\d{12}:resourcegateway/rgw-[0-9a-z]{17}$",
+ "type": "string"
+ },
+ "Id": {
+ "maxLength": 2048,
+ "minLength": 17,
+ "pattern": "^((rgw-[0-9a-z]{17})|(arn:[a-z0-9\\-]+:vpc-lattice:[a-zA-Z0-9\\-]+:\\d{12}:resourcegateway/rgw-[0-9a-z]{17}))$",
+ "type": "string"
+ },
+ "IpAddressType": {
+ "enum": [
+ "IPV4",
+ "IPV6",
+ "DUALSTACK"
+ ],
+ "type": "string"
+ },
+ "Name": {
+ "maxLength": 40,
+ "minLength": 3,
+ "pattern": "^(?!rgw-)(?![-])(?!.*[-]$)(?!.*[-]{2})[a-z0-9-]+$",
+ "type": "string"
+ },
+ "SecurityGroupIds": {
+ "description": "The ID of one or more security groups to associate with the endpoint network interface.",
+ "insertionOrder": false,
+ "items": {
+ "anyOf": [
+ {
+ "relationshipRef": {
+ "propertyPath": "/properties/GroupId",
+ "typeName": "AWS::EC2::SecurityGroup"
+ }
+ },
+ {
+ "relationshipRef": {
+ "propertyPath": "/properties/Id",
+ "typeName": "AWS::EC2::SecurityGroup"
+ }
+ },
+ {
+ "relationshipRef": {
+ "propertyPath": "/properties/DefaultSecurityGroup",
+ "typeName": "AWS::EC2::VPC"
+ }
+ }
+ ],
+ "type": "string"
+ },
+ "type": "array",
+ "uniqueItems": true
+ },
+ "SubnetIds": {
+ "description": "The ID of one or more subnets in which to create an endpoint network interface.",
+ "insertionOrder": false,
+ "items": {
+ "relationshipRef": {
+ "propertyPath": "/properties/SubnetId",
+ "typeName": "AWS::EC2::Subnet"
+ },
+ "type": "string"
+ },
+ "type": "array",
+ "uniqueItems": true
+ },
+ "Tags": {
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/Tag"
+ },
+ "maxItems": 50,
+ "minItems": 0,
+ "type": "array",
+ "uniqueItems": true
+ },
+ "VpcIdentifier": {
+ "maxLength": 50,
+ "minLength": 5,
+ "type": "string"
+ }
+ },
+ "readOnlyProperties": [
+ "/properties/Id",
+ "/properties/Arn"
+ ],
+ "required": [
+ "Name",
+ "VpcIdentifier",
+ "SubnetIds"
+ ],
+ "tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "vpc-lattice:UntagResource",
+ "vpc-lattice:TagResource",
+ "vpc-lattice:ListTagsForResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
+ "typeName": "AWS::VpcLattice::ResourceGateway"
+}
diff --git a/schema/aws-vpclattice-rule.json b/schema/aws-vpclattice-rule.json
index c415bd0..26fca78 100644
--- a/schema/aws-vpclattice-rule.json
+++ b/schema/aws-vpclattice-rule.json
@@ -232,7 +232,8 @@
},
"delete": {
"permissions": [
- "vpc-lattice:DeleteRule"
+ "vpc-lattice:DeleteRule",
+ "vpc-lattice:UntagResource"
]
},
"list": {
@@ -271,7 +272,8 @@
"vpc-lattice:UpdateRule",
"vpc-lattice:GetRule",
"vpc-lattice:TagResource",
- "vpc-lattice:UntagResource"
+ "vpc-lattice:UntagResource",
+ "vpc-lattice:ListTagsForResource"
]
}
},
@@ -345,6 +347,11 @@
],
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "vpc-lattice:UntagResource",
+ "vpc-lattice:TagResource",
+ "vpc-lattice:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-vpclattice-service.json b/schema/aws-vpclattice-service.json
index 2212ef8..f82f5a0 100644
--- a/schema/aws-vpclattice-service.json
+++ b/schema/aws-vpclattice-service.json
@@ -62,7 +62,8 @@
"delete": {
"permissions": [
"vpc-lattice:DeleteService",
- "vpc-lattice:GetService"
+ "vpc-lattice:GetService",
+ "vpc-lattice:UntagResource"
]
},
"list": {
@@ -167,6 +168,11 @@
],
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "vpc-lattice:UntagResource",
+ "vpc-lattice:TagResource",
+ "vpc-lattice:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-vpclattice-servicenetwork.json b/schema/aws-vpclattice-servicenetwork.json
index c75c39a..b29f40b 100644
--- a/schema/aws-vpclattice-servicenetwork.json
+++ b/schema/aws-vpclattice-servicenetwork.json
@@ -12,6 +12,18 @@
"/properties/Name"
],
"definitions": {
+ "SharingConfig": {
+ "additionalProperties": false,
+ "properties": {
+ "enabled": {
+ "type": "boolean"
+ }
+ },
+ "required": [
+ "enabled"
+ ],
+ "type": "object"
+ },
"Tag": {
"additionalProperties": false,
"properties": {
@@ -46,7 +58,8 @@
},
"delete": {
"permissions": [
- "vpc-lattice:DeleteServiceNetwork"
+ "vpc-lattice:DeleteServiceNetwork",
+ "vpc-lattice:UntagResource"
]
},
"list": {
@@ -65,7 +78,8 @@
"vpc-lattice:GetServiceNetwork",
"vpc-lattice:UpdateServiceNetwork",
"vpc-lattice:TagResource",
- "vpc-lattice:UntagResource"
+ "vpc-lattice:UntagResource",
+ "vpc-lattice:ListTagsForResource"
]
}
},
@@ -105,6 +119,9 @@
"pattern": "^(?!servicenetwork-)(?![-])(?!.*[-]$)(?!.*[-]{2})[a-z0-9-]+$",
"type": "string"
},
+ "SharingConfig": {
+ "$ref": "#/definitions/SharingConfig"
+ },
"Tags": {
"insertionOrder": false,
"items": {
@@ -124,6 +141,11 @@
],
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "vpc-lattice:UntagResource",
+ "vpc-lattice:TagResource",
+ "vpc-lattice:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-vpclattice-servicenetworkresourceassociation.json b/schema/aws-vpclattice-servicenetworkresourceassociation.json
new file mode 100644
index 0000000..195fc41
--- /dev/null
+++ b/schema/aws-vpclattice-servicenetworkresourceassociation.json
@@ -0,0 +1,129 @@
+{
+ "additionalIdentifiers": [
+ [
+ "/properties/Id"
+ ]
+ ],
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/ResourceConfigurationId",
+ "/properties/ServiceNetworkId"
+ ],
+ "definitions": {
+ "Tag": {
+ "additionalProperties": false,
+ "description": "A key-value pair to associate with a resource.",
+ "properties": {
+ "Key": {
+ "maxLength": 128,
+ "minLength": 1,
+ "type": "string"
+ },
+ "Value": {
+ "maxLength": 256,
+ "minLength": 1,
+ "type": "string"
+ }
+ },
+ "required": [
+ "Key",
+ "Value"
+ ],
+ "type": "object"
+ }
+ },
+ "description": "VpcLattice ServiceNetworkResourceAssociation CFN resource",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "vpc-lattice:CreateServiceNetworkResourceAssociation",
+ "vpc-lattice:GetServiceNetworkResourceAssociation",
+ "vpc-lattice:TagResource",
+ "vpc-lattice:ListTagsForResource"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "vpc-lattice:DeleteServiceNetworkResourceAssociation",
+ "vpc-lattice:GetServiceNetworkResourceAssociation",
+ "vpc-lattice:UntagResource"
+ ]
+ },
+ "list": {
+ "permissions": [
+ "vpc-lattice:ListServiceNetworkResourceAssociations"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "vpc-lattice:GetServiceNetworkResourceAssociation",
+ "vpc-lattice:ListTagsForResource"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "vpc-lattice:TagResource",
+ "vpc-lattice:UntagResource",
+ "vpc-lattice:GetServiceNetworkResourceAssociation",
+ "vpc-lattice:ListTagsForResource"
+ ]
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/Arn"
+ ],
+ "properties": {
+ "Arn": {
+ "maxLength": 2048,
+ "minLength": 22,
+ "pattern": "^arn:[a-z0-9\\-]+:vpc-lattice:[a-zA-Z0-9\\-]+:\\d{12}:servicenetworkresourceassociation/snra-[0-9a-f]{17}$",
+ "type": "string"
+ },
+ "Id": {
+ "maxLength": 22,
+ "minLength": 22,
+ "pattern": "^snra-[0-9a-f]{17}$",
+ "type": "string"
+ },
+ "ResourceConfigurationId": {
+ "maxLength": 2048,
+ "minLength": 17,
+ "pattern": "^rcfg-[0-9a-z]{17}$",
+ "type": "string"
+ },
+ "ServiceNetworkId": {
+ "maxLength": 2048,
+ "minLength": 3,
+ "pattern": "^((sn-[0-9a-z]{17})|(arn:[a-z0-9\\-]+:vpc-lattice:[a-zA-Z0-9\\-]+:\\d{12}:servicenetwork/sn-[0-9a-z]{17}))$",
+ "type": "string"
+ },
+ "Tags": {
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/Tag"
+ },
+ "maxItems": 50,
+ "minItems": 0,
+ "type": "array",
+ "uniqueItems": true
+ }
+ },
+ "readOnlyProperties": [
+ "/properties/Id",
+ "/properties/Arn"
+ ],
+ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git",
+ "tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "vpc-lattice:UntagResource",
+ "vpc-lattice:TagResource",
+ "vpc-lattice:ListTagsForResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
+ "typeName": "AWS::VpcLattice::ServiceNetworkResourceAssociation"
+}
diff --git a/schema/aws-vpclattice-servicenetworkserviceassociation.json b/schema/aws-vpclattice-servicenetworkserviceassociation.json
index 87a3971..50624f1 100644
--- a/schema/aws-vpclattice-servicenetworkserviceassociation.json
+++ b/schema/aws-vpclattice-servicenetworkserviceassociation.json
@@ -60,7 +60,8 @@
"delete": {
"permissions": [
"vpc-lattice:DeleteServiceNetworkServiceAssociation",
- "vpc-lattice:GetServiceNetworkServiceAssociation"
+ "vpc-lattice:GetServiceNetworkServiceAssociation",
+ "vpc-lattice:UntagResource"
]
},
"list": {
@@ -207,6 +208,11 @@
],
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "vpc-lattice:UntagResource",
+ "vpc-lattice:TagResource",
+ "vpc-lattice:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-vpclattice-servicenetworkvpcassociation.json b/schema/aws-vpclattice-servicenetworkvpcassociation.json
index fa536de..9a7c363 100644
--- a/schema/aws-vpclattice-servicenetworkvpcassociation.json
+++ b/schema/aws-vpclattice-servicenetworkvpcassociation.json
@@ -51,7 +51,8 @@
"delete": {
"permissions": [
"vpc-lattice:DeleteServiceNetworkVpcAssociation",
- "vpc-lattice:GetServiceNetworkVpcAssociation"
+ "vpc-lattice:GetServiceNetworkVpcAssociation",
+ "vpc-lattice:UntagResource"
]
},
"list": {
@@ -193,6 +194,11 @@
],
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "vpc-lattice:UntagResource",
+ "vpc-lattice:TagResource",
+ "vpc-lattice:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-vpclattice-targetgroup.json b/schema/aws-vpclattice-targetgroup.json
index 915f43f..907d077 100644
--- a/schema/aws-vpclattice-targetgroup.json
+++ b/schema/aws-vpclattice-targetgroup.json
@@ -328,6 +328,11 @@
],
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "vpc-lattice:UntagResource",
+ "vpc-lattice:TagResource",
+ "vpc-lattice:ListTagsForResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-wafv2-ipset.json b/schema/aws-wafv2-ipset.json
index 08c23fe..3d49bfc 100644
--- a/schema/aws-wafv2-ipset.json
+++ b/schema/aws-wafv2-ipset.json
@@ -103,7 +103,9 @@
"permissions": [
"wafv2:UpdateIPSet",
"wafv2:GetIPSet",
- "wafv2:ListTagsForResource"
+ "wafv2:ListTagsForResource",
+ "wafv2:TagResource",
+ "wafv2:UntagResource"
]
}
},
@@ -157,10 +159,11 @@
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-wafv2.git",
"tagging": {
- "cloudFormationSystemTags": false,
- "tagOnCreate": false,
- "tagUpdatable": false,
- "taggable": false
+ "cloudFormationSystemTags": true,
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
},
"typeName": "AWS::WAFv2::IPSet"
}
diff --git a/schema/aws-wafv2-regexpatternset.json b/schema/aws-wafv2-regexpatternset.json
index 11ae6b1..db7c54b 100644
--- a/schema/aws-wafv2-regexpatternset.json
+++ b/schema/aws-wafv2-regexpatternset.json
@@ -62,7 +62,9 @@
"permissions": [
"wafv2:UpdateRegexPatternSet",
"wafv2:GetRegexPatternSet",
- "wafv2:ListTagsForResource"
+ "wafv2:ListTagsForResource",
+ "wafv2:TagResource",
+ "wafv2:UntagResource"
]
}
},
@@ -123,10 +125,11 @@
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-wafv2.git",
"tagging": {
- "cloudFormationSystemTags": false,
- "tagOnCreate": false,
- "tagUpdatable": false,
- "taggable": false
+ "cloudFormationSystemTags": true,
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
},
"typeName": "AWS::WAFv2::RegexPatternSet"
}
diff --git a/schema/aws-wafv2-rulegroup.json b/schema/aws-wafv2-rulegroup.json
index fb1b37c..dbdc65b 100644
--- a/schema/aws-wafv2-rulegroup.json
+++ b/schema/aws-wafv2-rulegroup.json
@@ -336,6 +336,9 @@
"JA3Fingerprint": {
"$ref": "#/definitions/JA3Fingerprint"
},
+ "JA4Fingerprint": {
+ "$ref": "#/definitions/JA4Fingerprint"
+ },
"JsonBody": {
"$ref": "#/definitions/JsonBody"
},
@@ -372,6 +375,9 @@
],
"type": "object"
},
+ "UriFragment": {
+ "$ref": "#/definitions/UriFragment"
+ },
"UriPath": {
"description": "The path component of the URI of a web request. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.",
"type": "object"
@@ -547,6 +553,23 @@
],
"type": "object"
},
+ "JA4Fingerprint": {
+ "additionalProperties": false,
+ "description": "Includes the JA4 fingerprint of a web request.",
+ "properties": {
+ "FallbackBehavior": {
+ "enum": [
+ "MATCH",
+ "NO_MATCH"
+ ],
+ "type": "string"
+ }
+ },
+ "required": [
+ "FallbackBehavior"
+ ],
+ "type": "object"
+ },
"JsonBody": {
"additionalProperties": false,
"description": "Inspect the request body as JSON. The request body immediately follows the request headers.",
@@ -768,6 +791,12 @@
"IP": {
"$ref": "#/definitions/RateLimitIP"
},
+ "JA3Fingerprint": {
+ "$ref": "#/definitions/RateLimitJA3Fingerprint"
+ },
+ "JA4Fingerprint": {
+ "$ref": "#/definitions/RateLimitJA4Fingerprint"
+ },
"LabelNamespace": {
"$ref": "#/definitions/RateLimitLabelNamespace"
},
@@ -785,7 +814,7 @@
},
"RateLimit": {
"maximum": 2000000000,
- "minimum": 100,
+ "minimum": 10,
"type": "integer"
},
"RateLimitCookie": {
@@ -848,6 +877,40 @@
"description": "Specifies the IP address in the web request as an aggregate key for a rate-based rule.",
"type": "object"
},
+ "RateLimitJA3Fingerprint": {
+ "additionalProperties": false,
+ "description": "Specifies the request's JA3 fingerprint as an aggregate key for a rate-based rule.",
+ "properties": {
+ "FallbackBehavior": {
+ "enum": [
+ "MATCH",
+ "NO_MATCH"
+ ],
+ "type": "string"
+ }
+ },
+ "required": [
+ "FallbackBehavior"
+ ],
+ "type": "object"
+ },
+ "RateLimitJA4Fingerprint": {
+ "additionalProperties": false,
+ "description": "Specifies the request's JA4 fingerprint as an aggregate key for a rate-based rule.",
+ "properties": {
+ "FallbackBehavior": {
+ "enum": [
+ "MATCH",
+ "NO_MATCH"
+ ],
+ "type": "string"
+ }
+ },
+ "required": [
+ "FallbackBehavior"
+ ],
+ "type": "object"
+ },
"RateLimitLabelNamespace": {
"additionalProperties": false,
"description": "Specifies a label namespace to use as an aggregate key for a rate-based rule.",
@@ -1290,6 +1353,20 @@
],
"type": "string"
},
+ "UriFragment": {
+ "additionalProperties": false,
+ "description": "The path component of the URI Fragment. This is the part of a web request that identifies a fragment uri, for example, /abcd#introduction",
+ "properties": {
+ "FallbackBehavior": {
+ "enum": [
+ "MATCH",
+ "NO_MATCH"
+ ],
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
"VisibilityConfig": {
"additionalProperties": false,
"description": "Visibility Metric of the RuleGroup.",
@@ -1372,6 +1449,8 @@
},
"update": {
"permissions": [
+ "wafv2:TagResource",
+ "wafv2:UntagResource",
"wafv2:UpdateRuleGroup",
"wafv2:GetRuleGroup",
"wafv2:ListTagsForResource"
@@ -1455,10 +1534,11 @@
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-wafv2.git",
"tagging": {
- "cloudFormationSystemTags": false,
- "tagOnCreate": false,
- "tagUpdatable": false,
- "taggable": false
+ "cloudFormationSystemTags": true,
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
},
"typeName": "AWS::WAFv2::RuleGroup"
}
diff --git a/schema/aws-wafv2-webacl.json b/schema/aws-wafv2-webacl.json
index 1832d5e..1009314 100644
--- a/schema/aws-wafv2-webacl.json
+++ b/schema/aws-wafv2-webacl.json
@@ -374,6 +374,54 @@
],
"type": "object"
},
+ "DataProtect": {
+ "additionalProperties": false,
+ "properties": {
+ "Action": {
+ "$ref": "#/definitions/DataProtectionAction"
+ },
+ "ExcludeRateBasedDetails": {
+ "type": "boolean"
+ },
+ "ExcludeRuleMatchDetails": {
+ "type": "boolean"
+ },
+ "Field": {
+ "$ref": "#/definitions/FieldToProtect"
+ }
+ },
+ "required": [
+ "Field",
+ "Action"
+ ],
+ "type": "object"
+ },
+ "DataProtectionAction": {
+ "enum": [
+ "SUBSTITUTION",
+ "HASH"
+ ],
+ "type": "string"
+ },
+ "DataProtectionConfig": {
+ "additionalProperties": false,
+ "properties": {
+ "DataProtections": {
+ "$ref": "#/definitions/DataProtections"
+ }
+ },
+ "required": [
+ "DataProtections"
+ ],
+ "type": "object"
+ },
+ "DataProtections": {
+ "items": {
+ "$ref": "#/definitions/DataProtect"
+ },
+ "minItems": 1,
+ "type": "array"
+ },
"DefaultAction": {
"additionalProperties": false,
"description": "Default Action WebACL will take against ingress traffic when there is no matching Rule.",
@@ -465,6 +513,9 @@
"JA3Fingerprint": {
"$ref": "#/definitions/JA3Fingerprint"
},
+ "JA4Fingerprint": {
+ "$ref": "#/definitions/JA4Fingerprint"
+ },
"JsonBody": {
"$ref": "#/definitions/JsonBody"
},
@@ -501,6 +552,9 @@
],
"type": "object"
},
+ "UriFragment": {
+ "$ref": "#/definitions/UriFragment"
+ },
"UriPath": {
"description": "The path component of the URI of a web request. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg.",
"type": "object"
@@ -508,6 +562,40 @@
},
"type": "object"
},
+ "FieldToProtect": {
+ "additionalProperties": false,
+ "description": "Field in log to protect.",
+ "properties": {
+ "FieldKeys": {
+ "description": "List of field keys to protect",
+ "items": {
+ "$ref": "#/definitions/FieldToProtectKeyName"
+ },
+ "type": "array"
+ },
+ "FieldType": {
+ "description": "Field type to protect",
+ "enum": [
+ "SINGLE_HEADER",
+ "SINGLE_COOKIE",
+ "SINGLE_QUERY_ARGUMENT",
+ "QUERY_STRING",
+ "BODY"
+ ],
+ "type": "string"
+ }
+ },
+ "required": [
+ "FieldType"
+ ],
+ "type": "object"
+ },
+ "FieldToProtectKeyName": {
+ "description": "Key of the field to protect.",
+ "maxLength": 64,
+ "minLength": 1,
+ "type": "string"
+ },
"ForwardedIPConfiguration": {
"additionalProperties": false,
"properties": {
@@ -676,6 +764,23 @@
],
"type": "object"
},
+ "JA4Fingerprint": {
+ "additionalProperties": false,
+ "description": "Includes the JA4 fingerprint of a web request.",
+ "properties": {
+ "FallbackBehavior": {
+ "enum": [
+ "MATCH",
+ "NO_MATCH"
+ ],
+ "type": "string"
+ }
+ },
+ "required": [
+ "FallbackBehavior"
+ ],
+ "type": "object"
+ },
"JsonBody": {
"additionalProperties": false,
"description": "Inspect the request body as JSON. The request body immediately follows the request headers.",
@@ -990,6 +1095,12 @@
"IP": {
"$ref": "#/definitions/RateLimitIP"
},
+ "JA3Fingerprint": {
+ "$ref": "#/definitions/RateLimitJA3Fingerprint"
+ },
+ "JA4Fingerprint": {
+ "$ref": "#/definitions/RateLimitJA4Fingerprint"
+ },
"LabelNamespace": {
"$ref": "#/definitions/RateLimitLabelNamespace"
},
@@ -1007,7 +1118,7 @@
},
"RateLimit": {
"maximum": 2000000000,
- "minimum": 100,
+ "minimum": 10,
"type": "integer"
},
"RateLimitCookie": {
@@ -1070,6 +1181,40 @@
"description": "Specifies the IP address in the web request as an aggregate key for a rate-based rule.",
"type": "object"
},
+ "RateLimitJA3Fingerprint": {
+ "additionalProperties": false,
+ "description": "Specifies the request's JA3 fingerprint as an aggregate key for a rate-based rule.",
+ "properties": {
+ "FallbackBehavior": {
+ "enum": [
+ "MATCH",
+ "NO_MATCH"
+ ],
+ "type": "string"
+ }
+ },
+ "required": [
+ "FallbackBehavior"
+ ],
+ "type": "object"
+ },
+ "RateLimitJA4Fingerprint": {
+ "additionalProperties": false,
+ "description": "Specifies the request's JA4 fingerprint as an aggregate key for a rate-based rule.",
+ "properties": {
+ "FallbackBehavior": {
+ "enum": [
+ "MATCH",
+ "NO_MATCH"
+ ],
+ "type": "string"
+ }
+ },
+ "required": [
+ "FallbackBehavior"
+ ],
+ "type": "object"
+ },
"RateLimitLabelNamespace": {
"additionalProperties": false,
"description": "Specifies a label namespace to use as an aggregate key for a rate-based rule.",
@@ -1825,6 +1970,20 @@
},
"type": "array"
},
+ "UriFragment": {
+ "additionalProperties": false,
+ "description": "The path component of the URI Fragment. This is the part of a web request that identifies a fragment uri, for example, /abcd#introduction",
+ "properties": {
+ "FallbackBehavior": {
+ "enum": [
+ "MATCH",
+ "NO_MATCH"
+ ],
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
"UriPath": {
"type": "object"
},
@@ -1912,7 +2071,9 @@
"permissions": [
"wafv2:UpdateWebACL",
"wafv2:GetWebACL",
- "wafv2:ListTagsForResource"
+ "wafv2:ListTagsForResource",
+ "wafv2:TagResource",
+ "wafv2:UntagResource"
]
}
},
@@ -1941,6 +2102,10 @@
"CustomResponseBodies": {
"$ref": "#/definitions/CustomResponseBodies"
},
+ "DataProtectionConfig": {
+ "$ref": "#/definitions/DataProtectionConfig",
+ "description": "Collection of dataProtects."
+ },
"DefaultAction": {
"$ref": "#/definitions/DefaultAction"
},
@@ -1993,10 +2158,11 @@
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-wafv2.git",
"tagging": {
- "cloudFormationSystemTags": false,
- "tagOnCreate": false,
- "tagUpdatable": false,
- "taggable": false
+ "cloudFormationSystemTags": true,
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
},
"typeName": "AWS::WAFv2::WebACL"
}
diff --git a/schema/aws-wafv2-webaclassociation.json b/schema/aws-wafv2-webaclassociation.json
index bad6d96..b652b5b 100644
--- a/schema/aws-wafv2-webaclassociation.json
+++ b/schema/aws-wafv2-webaclassociation.json
@@ -19,6 +19,8 @@
"wafv2:GetWebACLForResource",
"wafv2:GetWebACL",
"wafv2:DisassociateWebACL",
+ "wafv2:PutPermissionPolicy",
+ "wafv2:GetPermissionPolicy",
"elasticloadbalancing:SetWebACL",
"apigateway:SetWebACL",
"appsync:SetWebACL",
@@ -31,7 +33,9 @@
"ec2:AssociateVerifiedAccessInstanceWebAcl",
"ec2:DisassociateVerifiedAccessInstanceWebAcl",
"ec2:DescribeVerifiedAccessInstanceWebAclAssociations",
- "ec2:GetVerifiedAccessInstanceWebAcl"
+ "ec2:GetVerifiedAccessInstanceWebAcl",
+ "amplify:AssociateWebACL",
+ "amplify:GetWebACLForResource"
]
},
"delete": {
@@ -40,6 +44,7 @@
"wafv2:GetWebACLForResource",
"wafv2:GetWebACL",
"wafv2:DisassociateWebACL",
+ "wafv2:PutPermissionPolicy",
"elasticloadbalancing:SetWebACL",
"apigateway:SetWebACL",
"appsync:SetWebACL",
@@ -52,7 +57,9 @@
"ec2:AssociateVerifiedAccessInstanceWebAcl",
"ec2:DisassociateVerifiedAccessInstanceWebAcl",
"ec2:DescribeVerifiedAccessInstanceWebAclAssociations",
- "ec2:GetVerifiedAccessInstanceWebAcl"
+ "ec2:GetVerifiedAccessInstanceWebAcl",
+ "amplify:DisassociateWebACL",
+ "amplify:GetWebACLForResource"
]
},
"read": {
@@ -73,7 +80,8 @@
"ec2:AssociateVerifiedAccessInstanceWebAcl",
"ec2:DisassociateVerifiedAccessInstanceWebAcl",
"ec2:DescribeVerifiedAccessInstanceWebAclAssociations",
- "ec2:GetVerifiedAccessInstanceWebAcl"
+ "ec2:GetVerifiedAccessInstanceWebAcl",
+ "amplify:GetWebACLForResource"
]
},
"update": {
diff --git a/schema/aws-wisdom-aiagent.json b/schema/aws-wisdom-aiagent.json
new file mode 100644
index 0000000..35fc8ea
--- /dev/null
+++ b/schema/aws-wisdom-aiagent.json
@@ -0,0 +1,432 @@
+{
+ "additionalIdentifiers": [
+ [
+ "/properties/AIAgentArn",
+ "/properties/AssistantArn"
+ ]
+ ],
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/AssistantId",
+ "/properties/Name",
+ "/properties/Tags",
+ "/properties/Type"
+ ],
+ "definitions": {
+ "AIAgentAssociationConfigurationType": {
+ "enum": [
+ "KNOWLEDGE_BASE"
+ ],
+ "type": "string"
+ },
+ "AIAgentConfiguration": {
+ "oneOf": [
+ {
+ "additionalProperties": false,
+ "properties": {
+ "ManualSearchAIAgentConfiguration": {
+ "$ref": "#/definitions/ManualSearchAIAgentConfiguration"
+ }
+ },
+ "required": [
+ "ManualSearchAIAgentConfiguration"
+ ],
+ "title": "ManualSearchAIAgentConfiguration",
+ "type": "object"
+ },
+ {
+ "additionalProperties": false,
+ "properties": {
+ "AnswerRecommendationAIAgentConfiguration": {
+ "$ref": "#/definitions/AnswerRecommendationAIAgentConfiguration"
+ }
+ },
+ "required": [
+ "AnswerRecommendationAIAgentConfiguration"
+ ],
+ "title": "AnswerRecommendationAIAgentConfiguration",
+ "type": "object"
+ },
+ {
+ "additionalProperties": false,
+ "properties": {
+ "SelfServiceAIAgentConfiguration": {
+ "$ref": "#/definitions/SelfServiceAIAgentConfiguration"
+ }
+ },
+ "required": [
+ "SelfServiceAIAgentConfiguration"
+ ],
+ "title": "SelfServiceAIAgentConfiguration",
+ "type": "object"
+ }
+ ]
+ },
+ "AIAgentType": {
+ "enum": [
+ "MANUAL_SEARCH",
+ "ANSWER_RECOMMENDATION",
+ "SELF_SERVICE"
+ ],
+ "type": "string"
+ },
+ "AnswerRecommendationAIAgentConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "AnswerGenerationAIGuardrailId": {
+ "pattern": "^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}(:[A-Z0-9_$]+){0,1}$",
+ "type": "string"
+ },
+ "AnswerGenerationAIPromptId": {
+ "pattern": "^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}(:[A-Z0-9_$]+){0,1}$",
+ "type": "string"
+ },
+ "AssociationConfigurations": {
+ "items": {
+ "$ref": "#/definitions/AssociationConfiguration"
+ },
+ "type": "array"
+ },
+ "IntentLabelingGenerationAIPromptId": {
+ "pattern": "^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}(:[A-Z0-9_$]+){0,1}$",
+ "type": "string"
+ },
+ "Locale": {
+ "minLength": 1,
+ "type": "string"
+ },
+ "QueryReformulationAIPromptId": {
+ "pattern": "^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}(:[A-Z0-9_$]+){0,1}$",
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "AssociationConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "AssociationConfigurationData": {
+ "$ref": "#/definitions/AssociationConfigurationData"
+ },
+ "AssociationId": {
+ "pattern": "^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$",
+ "type": "string"
+ },
+ "AssociationType": {
+ "$ref": "#/definitions/AIAgentAssociationConfigurationType"
+ }
+ },
+ "type": "object"
+ },
+ "AssociationConfigurationData": {
+ "oneOf": [
+ {
+ "additionalProperties": false,
+ "properties": {
+ "KnowledgeBaseAssociationConfigurationData": {
+ "$ref": "#/definitions/KnowledgeBaseAssociationConfigurationData"
+ }
+ },
+ "required": [
+ "KnowledgeBaseAssociationConfigurationData"
+ ],
+ "title": "KnowledgeBaseAssociationConfigurationData",
+ "type": "object"
+ }
+ ]
+ },
+ "KnowledgeBaseAssociationConfigurationData": {
+ "additionalProperties": false,
+ "properties": {
+ "ContentTagFilter": {
+ "$ref": "#/definitions/TagFilter"
+ },
+ "MaxResults": {
+ "maximum": 100,
+ "minimum": 1,
+ "type": "number"
+ },
+ "OverrideKnowledgeBaseSearchType": {
+ "$ref": "#/definitions/KnowledgeBaseSearchType"
+ }
+ },
+ "type": "object"
+ },
+ "KnowledgeBaseSearchType": {
+ "enum": [
+ "HYBRID",
+ "SEMANTIC"
+ ],
+ "type": "string"
+ },
+ "ManualSearchAIAgentConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "AnswerGenerationAIGuardrailId": {
+ "pattern": "^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}(:[A-Z0-9_$]+){0,1}$",
+ "type": "string"
+ },
+ "AnswerGenerationAIPromptId": {
+ "pattern": "^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}(:[A-Z0-9_$]+){0,1}$",
+ "type": "string"
+ },
+ "AssociationConfigurations": {
+ "items": {
+ "$ref": "#/definitions/AssociationConfiguration"
+ },
+ "type": "array"
+ },
+ "Locale": {
+ "minLength": 1,
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "OrCondition": {
+ "oneOf": [
+ {
+ "additionalProperties": false,
+ "properties": {
+ "AndConditions": {
+ "items": {
+ "$ref": "#/definitions/TagCondition"
+ },
+ "type": "array"
+ }
+ },
+ "required": [
+ "AndConditions"
+ ],
+ "title": "AndConditions",
+ "type": "object"
+ },
+ {
+ "additionalProperties": false,
+ "properties": {
+ "TagCondition": {
+ "$ref": "#/definitions/TagCondition"
+ }
+ },
+ "required": [
+ "TagCondition"
+ ],
+ "title": "TagCondition",
+ "type": "object"
+ }
+ ]
+ },
+ "SelfServiceAIAgentConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "AssociationConfigurations": {
+ "items": {
+ "$ref": "#/definitions/AssociationConfiguration"
+ },
+ "type": "array"
+ },
+ "SelfServiceAIGuardrailId": {
+ "pattern": "^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}(:[A-Z0-9_$]+){0,1}$",
+ "type": "string"
+ },
+ "SelfServiceAnswerGenerationAIPromptId": {
+ "pattern": "^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}(:[A-Z0-9_$]+){0,1}$",
+ "type": "string"
+ },
+ "SelfServicePreProcessingAIPromptId": {
+ "pattern": "^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}(:[A-Z0-9_$]+){0,1}$",
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "TagCondition": {
+ "additionalProperties": false,
+ "properties": {
+ "Key": {
+ "maxLength": 128,
+ "minLength": 1,
+ "pattern": "^(?!aws:)[a-zA-Z+-=._:/]+$",
+ "type": "string"
+ },
+ "Value": {
+ "maxLength": 256,
+ "minLength": 1,
+ "type": "string"
+ }
+ },
+ "required": [
+ "Key"
+ ],
+ "type": "object"
+ },
+ "TagFilter": {
+ "oneOf": [
+ {
+ "additionalProperties": false,
+ "properties": {
+ "TagCondition": {
+ "$ref": "#/definitions/TagCondition"
+ }
+ },
+ "required": [
+ "TagCondition"
+ ],
+ "title": "TagCondition",
+ "type": "object"
+ },
+ {
+ "additionalProperties": false,
+ "properties": {
+ "AndConditions": {
+ "items": {
+ "$ref": "#/definitions/TagCondition"
+ },
+ "type": "array"
+ }
+ },
+ "required": [
+ "AndConditions"
+ ],
+ "title": "AndConditions",
+ "type": "object"
+ },
+ {
+ "additionalProperties": false,
+ "properties": {
+ "OrConditions": {
+ "items": {
+ "$ref": "#/definitions/OrCondition"
+ },
+ "type": "array"
+ }
+ },
+ "required": [
+ "OrConditions"
+ ],
+ "title": "OrConditions",
+ "type": "object"
+ }
+ ]
+ },
+ "Tags": {
+ "additionalProperties": false,
+ "patternProperties": {
+ "^(?!aws:)[a-zA-Z+-=._:/]+$": {
+ "maxLength": 256,
+ "minLength": 1,
+ "type": "string"
+ }
+ },
+ "type": "object"
+ }
+ },
+ "description": "Definition of AWS::Wisdom::AIAgent Resource Type",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "wisdom:CreateAIAgent",
+ "wisdom:TagResource"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "wisdom:DeleteAIAgent"
+ ]
+ },
+ "list": {
+ "handlerSchema": {
+ "properties": {
+ "AssistantId": {
+ "$ref": "resource-schema.json#/properties/AssistantId"
+ }
+ },
+ "required": [
+ "AssistantId"
+ ]
+ },
+ "permissions": [
+ "wisdom:ListAIAgents"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "wisdom:GetAIAgent"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "wisdom:UpdateAIAgent"
+ ]
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/AIAgentId",
+ "/properties/AssistantId"
+ ],
+ "properties": {
+ "AIAgentArn": {
+ "pattern": "^arn:[a-z-]*?:wisdom:[a-z0-9-]*?:[0-9]{12}:[a-z-]*?/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}(?:/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}){0,2}$",
+ "type": "string"
+ },
+ "AIAgentId": {
+ "pattern": "^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}(:[A-Z0-9_$]+){0,1}$|^arn:[a-z-]*?:wisdom:[a-z0-9-]*?:[0-9]{12}:[a-z-]*?/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}(?:/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}){0,2}(:[A-Z0-9_$]+){0,1}$",
+ "type": "string"
+ },
+ "AssistantArn": {
+ "pattern": "^arn:[a-z-]*?:wisdom:[a-z0-9-]*?:[0-9]{12}:[a-z-]*?/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}(?:/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}){0,2}$",
+ "type": "string"
+ },
+ "AssistantId": {
+ "pattern": "^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$|^arn:[a-z-]*?:wisdom:[a-z0-9-]*?:[0-9]{12}:[a-z-]*?/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}(?:/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}){0,2}$",
+ "type": "string"
+ },
+ "Configuration": {
+ "$ref": "#/definitions/AIAgentConfiguration"
+ },
+ "Description": {
+ "maxLength": 255,
+ "minLength": 1,
+ "pattern": "^[a-zA-Z0-9\\s_.,-]+",
+ "type": "string"
+ },
+ "ModifiedTimeSeconds": {
+ "type": "number"
+ },
+ "Name": {
+ "maxLength": 255,
+ "minLength": 1,
+ "pattern": "^[a-zA-Z0-9\\s_.,-]+",
+ "type": "string"
+ },
+ "Tags": {
+ "$ref": "#/definitions/Tags"
+ },
+ "Type": {
+ "$ref": "#/definitions/AIAgentType"
+ }
+ },
+ "readOnlyProperties": [
+ "/properties/AIAgentArn",
+ "/properties/AIAgentId",
+ "/properties/AssistantArn",
+ "/properties/ModifiedTimeSeconds"
+ ],
+ "required": [
+ "AssistantId",
+ "Configuration",
+ "Type"
+ ],
+ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git",
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "wisdom:TagResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": false,
+ "taggable": true
+ },
+ "typeName": "AWS::Wisdom::AIAgent"
+}
diff --git a/schema/aws-wisdom-aiagentversion.json b/schema/aws-wisdom-aiagentversion.json
new file mode 100644
index 0000000..44fb87c
--- /dev/null
+++ b/schema/aws-wisdom-aiagentversion.json
@@ -0,0 +1,110 @@
+{
+ "additionalIdentifiers": [
+ [
+ "/properties/AIAgentArn",
+ "/properties/AssistantArn"
+ ]
+ ],
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/AssistantId",
+ "/properties/AIAgentId",
+ "/properties/ModifiedTimeSeconds"
+ ],
+ "definitions": {},
+ "description": "Definition of AWS::Wisdom::AIAgentVersion Resource Type",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "wisdom:CreateAIAgentVersion"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "wisdom:DeleteAIAgentVersion"
+ ]
+ },
+ "list": {
+ "handlerSchema": {
+ "properties": {
+ "AIAgentId": {
+ "$ref": "resource-schema.json#/properties/AIAgentId"
+ },
+ "AssistantId": {
+ "$ref": "resource-schema.json#/properties/AssistantId"
+ }
+ },
+ "required": [
+ "AssistantId",
+ "AIAgentId"
+ ]
+ },
+ "permissions": [
+ "wisdom:ListAIAgentVersions"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "wisdom:GetAIAgent",
+ "wisdom:GetAIAgentVersion"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "wisdom:GetAIAgent",
+ "wisdom:GetAIAgentVersion"
+ ]
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/AssistantId",
+ "/properties/AIAgentId",
+ "/properties/VersionNumber"
+ ],
+ "properties": {
+ "AIAgentArn": {
+ "pattern": "^arn:[a-z-]*?:wisdom:[a-z0-9-]*?:[0-9]{12}:[a-z-]*?/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}(?:/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12})?$",
+ "type": "string"
+ },
+ "AIAgentId": {
+ "pattern": "^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$",
+ "type": "string"
+ },
+ "AIAgentVersionId": {
+ "pattern": "^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}(:[A-Z0-9_$]+){0,1}$",
+ "type": "string"
+ },
+ "AssistantArn": {
+ "pattern": "^arn:[a-z-]*?:wisdom:[a-z0-9-]*?:[0-9]{12}:[a-z-]*?/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}(?:/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12})?$",
+ "type": "string"
+ },
+ "AssistantId": {
+ "pattern": "^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$",
+ "type": "string"
+ },
+ "ModifiedTimeSeconds": {
+ "type": "number"
+ },
+ "VersionNumber": {
+ "type": "number"
+ }
+ },
+ "readOnlyProperties": [
+ "/properties/AIAgentVersionId",
+ "/properties/AIAgentArn",
+ "/properties/AssistantArn",
+ "/properties/VersionNumber"
+ ],
+ "required": [
+ "AssistantId",
+ "AIAgentId"
+ ],
+ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git",
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "tagOnCreate": false,
+ "tagUpdatable": false,
+ "taggable": false
+ },
+ "typeName": "AWS::Wisdom::AIAgentVersion"
+}
diff --git a/schema/aws-wisdom-aiguardrail.json b/schema/aws-wisdom-aiguardrail.json
new file mode 100644
index 0000000..e4df6e9
--- /dev/null
+++ b/schema/aws-wisdom-aiguardrail.json
@@ -0,0 +1,499 @@
+{
+ "additionalIdentifiers": [
+ [
+ "/properties/AIGuardrailArn",
+ "/properties/AssistantArn"
+ ]
+ ],
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/AssistantId",
+ "/properties/Name",
+ "/properties/Tags"
+ ],
+ "definitions": {
+ "AIGuardrailContentPolicyConfig": {
+ "additionalProperties": false,
+ "description": "Content policy config for a guardrail.",
+ "properties": {
+ "FiltersConfig": {
+ "description": "List of content filter configs in content policy.",
+ "items": {
+ "$ref": "#/definitions/GuardrailContentFilterConfig"
+ },
+ "maxItems": 6,
+ "minItems": 1,
+ "type": "array"
+ }
+ },
+ "required": [
+ "FiltersConfig"
+ ],
+ "type": "object"
+ },
+ "AIGuardrailContextualGroundingPolicyConfig": {
+ "additionalProperties": false,
+ "description": "Contextual grounding policy config for a guardrail.",
+ "properties": {
+ "FiltersConfig": {
+ "description": "List of contextual grounding filter configs.",
+ "items": {
+ "$ref": "#/definitions/GuardrailContextualGroundingFilterConfig"
+ },
+ "minItems": 1,
+ "type": "array"
+ }
+ },
+ "required": [
+ "FiltersConfig"
+ ],
+ "type": "object"
+ },
+ "AIGuardrailSensitiveInformationPolicyConfig": {
+ "additionalProperties": false,
+ "description": "Sensitive information policy config for a guardrail.",
+ "properties": {
+ "PiiEntitiesConfig": {
+ "description": "List of entities.",
+ "items": {
+ "$ref": "#/definitions/GuardrailPiiEntityConfig"
+ },
+ "minItems": 1,
+ "type": "array",
+ "uniqueItems": true
+ },
+ "RegexesConfig": {
+ "description": "List of regex.",
+ "items": {
+ "$ref": "#/definitions/GuardrailRegexConfig"
+ },
+ "minItems": 1,
+ "type": "array"
+ }
+ },
+ "type": "object"
+ },
+ "AIGuardrailTopicPolicyConfig": {
+ "additionalProperties": false,
+ "description": "Topic policy config for a guardrail.",
+ "properties": {
+ "TopicsConfig": {
+ "description": "List of topic configs in topic policy.",
+ "items": {
+ "$ref": "#/definitions/GuardrailTopicConfig"
+ },
+ "minItems": 1,
+ "type": "array"
+ }
+ },
+ "required": [
+ "TopicsConfig"
+ ],
+ "type": "object"
+ },
+ "AIGuardrailWordPolicyConfig": {
+ "additionalProperties": false,
+ "description": "Word policy config for a guardrail.",
+ "properties": {
+ "ManagedWordListsConfig": {
+ "description": "A config for the list of managed words.",
+ "items": {
+ "$ref": "#/definitions/GuardrailManagedWordsConfig"
+ },
+ "type": "array"
+ },
+ "WordsConfig": {
+ "description": "List of custom word configs.",
+ "items": {
+ "$ref": "#/definitions/GuardrailWordConfig"
+ },
+ "minItems": 1,
+ "type": "array"
+ }
+ },
+ "type": "object"
+ },
+ "GuardrailContentFilterConfig": {
+ "additionalProperties": false,
+ "description": "Content filter config in content policy.",
+ "properties": {
+ "InputStrength": {
+ "$ref": "#/definitions/GuardrailFilterStrength"
+ },
+ "OutputStrength": {
+ "$ref": "#/definitions/GuardrailFilterStrength"
+ },
+ "Type": {
+ "$ref": "#/definitions/GuardrailContentFilterType"
+ }
+ },
+ "required": [
+ "InputStrength",
+ "OutputStrength",
+ "Type"
+ ],
+ "type": "object"
+ },
+ "GuardrailContentFilterType": {
+ "description": "Type of text to text filter in content policy",
+ "enum": [
+ "SEXUAL",
+ "VIOLENCE",
+ "HATE",
+ "INSULTS",
+ "MISCONDUCT",
+ "PROMPT_ATTACK"
+ ],
+ "type": "string"
+ },
+ "GuardrailContextualGroundingFilterConfig": {
+ "additionalProperties": false,
+ "description": "A config for grounding filter.",
+ "properties": {
+ "Threshold": {
+ "default": 0,
+ "description": "The threshold for this filter.",
+ "minimum": 0,
+ "type": "number"
+ },
+ "Type": {
+ "$ref": "#/definitions/GuardrailContextualGroundingFilterType"
+ }
+ },
+ "required": [
+ "Threshold",
+ "Type"
+ ],
+ "type": "object"
+ },
+ "GuardrailContextualGroundingFilterType": {
+ "description": "Type of contextual grounding filter",
+ "enum": [
+ "GROUNDING",
+ "RELEVANCE"
+ ],
+ "type": "string"
+ },
+ "GuardrailFilterStrength": {
+ "description": "Strength for filters",
+ "enum": [
+ "NONE",
+ "LOW",
+ "MEDIUM",
+ "HIGH"
+ ],
+ "type": "string"
+ },
+ "GuardrailManagedWordsConfig": {
+ "additionalProperties": false,
+ "description": "A managed words config.",
+ "properties": {
+ "Type": {
+ "$ref": "#/definitions/GuardrailManagedWordsType"
+ }
+ },
+ "required": [
+ "Type"
+ ],
+ "type": "object"
+ },
+ "GuardrailManagedWordsType": {
+ "description": "Options for managed words.",
+ "enum": [
+ "PROFANITY"
+ ],
+ "type": "string"
+ },
+ "GuardrailPiiEntityConfig": {
+ "additionalProperties": false,
+ "description": "Pii entity configuration.",
+ "properties": {
+ "Action": {
+ "$ref": "#/definitions/GuardrailSensitiveInformationAction"
+ },
+ "Type": {
+ "$ref": "#/definitions/GuardrailPiiEntityType"
+ }
+ },
+ "required": [
+ "Action",
+ "Type"
+ ],
+ "type": "object"
+ },
+ "GuardrailPiiEntityType": {
+ "description": "The currently supported PII entities",
+ "enum": [
+ "ADDRESS",
+ "AGE",
+ "AWS_ACCESS_KEY",
+ "AWS_SECRET_KEY",
+ "CA_HEALTH_NUMBER",
+ "CA_SOCIAL_INSURANCE_NUMBER",
+ "CREDIT_DEBIT_CARD_CVV",
+ "CREDIT_DEBIT_CARD_EXPIRY",
+ "CREDIT_DEBIT_CARD_NUMBER",
+ "DRIVER_ID",
+ "EMAIL",
+ "INTERNATIONAL_BANK_ACCOUNT_NUMBER",
+ "IP_ADDRESS",
+ "LICENSE_PLATE",
+ "MAC_ADDRESS",
+ "NAME",
+ "PASSWORD",
+ "PHONE",
+ "PIN",
+ "SWIFT_CODE",
+ "UK_NATIONAL_HEALTH_SERVICE_NUMBER",
+ "UK_NATIONAL_INSURANCE_NUMBER",
+ "UK_UNIQUE_TAXPAYER_REFERENCE_NUMBER",
+ "URL",
+ "USERNAME",
+ "US_BANK_ACCOUNT_NUMBER",
+ "US_BANK_ROUTING_NUMBER",
+ "US_INDIVIDUAL_TAX_IDENTIFICATION_NUMBER",
+ "US_PASSPORT_NUMBER",
+ "US_SOCIAL_SECURITY_NUMBER",
+ "VEHICLE_IDENTIFICATION_NUMBER"
+ ],
+ "type": "string"
+ },
+ "GuardrailRegexConfig": {
+ "additionalProperties": false,
+ "description": "A regex configuration.",
+ "properties": {
+ "Action": {
+ "$ref": "#/definitions/GuardrailSensitiveInformationAction"
+ },
+ "Description": {
+ "description": "The regex description.",
+ "maxLength": 1000,
+ "minLength": 1,
+ "type": "string"
+ },
+ "Name": {
+ "description": "The regex name.",
+ "maxLength": 100,
+ "minLength": 1,
+ "type": "string"
+ },
+ "Pattern": {
+ "description": "The regex pattern.",
+ "minLength": 1,
+ "type": "string"
+ }
+ },
+ "required": [
+ "Action",
+ "Name",
+ "Pattern"
+ ],
+ "type": "object"
+ },
+ "GuardrailSensitiveInformationAction": {
+ "description": "Options for sensitive information action.",
+ "enum": [
+ "BLOCK",
+ "ANONYMIZE"
+ ],
+ "type": "string"
+ },
+ "GuardrailTopicConfig": {
+ "additionalProperties": false,
+ "description": "Topic config in topic policy.",
+ "properties": {
+ "Definition": {
+ "description": "Definition of topic in topic policy",
+ "maxLength": 200,
+ "minLength": 1,
+ "type": "string"
+ },
+ "Examples": {
+ "description": "List of text examples",
+ "items": {
+ "description": "Text example in topic policy",
+ "maxLength": 100,
+ "minLength": 1,
+ "type": "string"
+ },
+ "minItems": 0,
+ "type": "array"
+ },
+ "Name": {
+ "description": "Name of topic in topic policy",
+ "maxLength": 100,
+ "minLength": 1,
+ "pattern": "^[0-9a-zA-Z-_ !?.]+$",
+ "type": "string"
+ },
+ "Type": {
+ "$ref": "#/definitions/GuardrailTopicType"
+ }
+ },
+ "required": [
+ "Definition",
+ "Name",
+ "Type"
+ ],
+ "type": "object"
+ },
+ "GuardrailTopicType": {
+ "description": "Type of topic in a policy",
+ "enum": [
+ "DENY"
+ ],
+ "type": "string"
+ },
+ "GuardrailWordConfig": {
+ "additionalProperties": false,
+ "description": "A custom word config.",
+ "properties": {
+ "Text": {
+ "description": "The custom word text.",
+ "minLength": 1,
+ "type": "string"
+ }
+ },
+ "required": [
+ "Text"
+ ],
+ "type": "object"
+ },
+ "Tags": {
+ "additionalProperties": false,
+ "patternProperties": {
+ "^(?!aws:)[a-zA-Z+-=._:/]+$": {
+ "maxLength": 256,
+ "minLength": 1,
+ "type": "string"
+ }
+ },
+ "type": "object"
+ }
+ },
+ "description": "Definition of AWS::Wisdom::AIGuardrail Resource Type",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "wisdom:CreateAIGuardrail",
+ "wisdom:TagResource"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "wisdom:DeleteAIGuardrail"
+ ]
+ },
+ "list": {
+ "handlerSchema": {
+ "properties": {
+ "AssistantId": {
+ "$ref": "resource-schema.json#/properties/AssistantId"
+ }
+ },
+ "required": [
+ "AssistantId"
+ ]
+ },
+ "permissions": [
+ "wisdom:ListAIGuardrails"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "wisdom:GetAIGuardrail"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "wisdom:UpdateAIGuardrail"
+ ]
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/AIGuardrailId",
+ "/properties/AssistantId"
+ ],
+ "properties": {
+ "AIGuardrailArn": {
+ "pattern": "^arn:[a-z-]*?:wisdom:[a-z0-9-]*?:[0-9]{12}:[a-z-]*?/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}(?:/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}){0,2}$",
+ "type": "string"
+ },
+ "AIGuardrailId": {
+ "pattern": "^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}(:[A-Z0-9_$]+){0,1}$|^arn:[a-z-]*?:wisdom:[a-z0-9-]*?:[0-9]{12}:[a-z-]*?/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}(?:/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}){0,2}(:[A-Z0-9_$]+){0,1}$",
+ "type": "string"
+ },
+ "AssistantArn": {
+ "pattern": "^arn:[a-z-]*?:wisdom:[a-z0-9-]*?:[0-9]{12}:[a-z-]*?/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}(?:/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}){0,2}$",
+ "type": "string"
+ },
+ "AssistantId": {
+ "pattern": "^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$|^arn:[a-z-]*?:wisdom:[a-z0-9-]*?:[0-9]{12}:[a-z-]*?/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}(?:/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}){0,2}$",
+ "type": "string"
+ },
+ "BlockedInputMessaging": {
+ "description": "Messaging for when violations are detected in text",
+ "maxLength": 500,
+ "minLength": 1,
+ "type": "string"
+ },
+ "BlockedOutputsMessaging": {
+ "description": "Messaging for when violations are detected in text",
+ "maxLength": 500,
+ "minLength": 1,
+ "type": "string"
+ },
+ "ContentPolicyConfig": {
+ "$ref": "#/definitions/AIGuardrailContentPolicyConfig"
+ },
+ "ContextualGroundingPolicyConfig": {
+ "$ref": "#/definitions/AIGuardrailContextualGroundingPolicyConfig"
+ },
+ "Description": {
+ "description": "Description of the guardrail or its version",
+ "maxLength": 200,
+ "minLength": 1,
+ "type": "string"
+ },
+ "Name": {
+ "maxLength": 255,
+ "minLength": 1,
+ "pattern": "^[a-zA-Z0-9\\s_.,-]+",
+ "type": "string"
+ },
+ "SensitiveInformationPolicyConfig": {
+ "$ref": "#/definitions/AIGuardrailSensitiveInformationPolicyConfig"
+ },
+ "Tags": {
+ "$ref": "#/definitions/Tags"
+ },
+ "TopicPolicyConfig": {
+ "$ref": "#/definitions/AIGuardrailTopicPolicyConfig"
+ },
+ "WordPolicyConfig": {
+ "$ref": "#/definitions/AIGuardrailWordPolicyConfig"
+ }
+ },
+ "readOnlyProperties": [
+ "/properties/AIGuardrailArn",
+ "/properties/AIGuardrailId",
+ "/properties/AssistantArn"
+ ],
+ "required": [
+ "AssistantId",
+ "BlockedInputMessaging",
+ "BlockedOutputsMessaging"
+ ],
+ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git",
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "wisdom:TagResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": false,
+ "taggable": true
+ },
+ "typeName": "AWS::Wisdom::AIGuardrail"
+}
diff --git a/schema/aws-wisdom-aiguardrailversion.json b/schema/aws-wisdom-aiguardrailversion.json
new file mode 100644
index 0000000..65bc22a
--- /dev/null
+++ b/schema/aws-wisdom-aiguardrailversion.json
@@ -0,0 +1,110 @@
+{
+ "additionalIdentifiers": [
+ [
+ "/properties/AIGuardrailArn",
+ "/properties/AssistantArn"
+ ]
+ ],
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/AssistantId",
+ "/properties/AIGuardrailId",
+ "/properties/ModifiedTimeSeconds"
+ ],
+ "definitions": {},
+ "description": "Definition of AWS::Wisdom::AIGuardrailVersion Resource Type",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "wisdom:CreateAIGuardrailVersion"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "wisdom:DeleteAIGuardrailVersion"
+ ]
+ },
+ "list": {
+ "handlerSchema": {
+ "properties": {
+ "AIGuardrailId": {
+ "$ref": "resource-schema.json#/properties/AIGuardrailId"
+ },
+ "AssistantId": {
+ "$ref": "resource-schema.json#/properties/AssistantId"
+ }
+ },
+ "required": [
+ "AssistantId",
+ "AIGuardrailId"
+ ]
+ },
+ "permissions": [
+ "wisdom:ListAIGuardrailVersions"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "wisdom:GetAIGuardrail",
+ "wisdom:GetAIGuardrailVersion"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "wisdom:GetAIGuardrail",
+ "wisdom:GetAIGuardrailVersion"
+ ]
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/AssistantId",
+ "/properties/AIGuardrailId",
+ "/properties/VersionNumber"
+ ],
+ "properties": {
+ "AIGuardrailArn": {
+ "pattern": "^arn:[a-z-]*?:wisdom:[a-z0-9-]*?:[0-9]{12}:[a-z-]*?/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}(?:/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12})?$",
+ "type": "string"
+ },
+ "AIGuardrailId": {
+ "pattern": "^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$",
+ "type": "string"
+ },
+ "AIGuardrailVersionId": {
+ "pattern": "^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}(:[A-Z0-9_$]+){0,1}$",
+ "type": "string"
+ },
+ "AssistantArn": {
+ "pattern": "^arn:[a-z-]*?:wisdom:[a-z0-9-]*?:[0-9]{12}:[a-z-]*?/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}(?:/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12})?$",
+ "type": "string"
+ },
+ "AssistantId": {
+ "pattern": "^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$",
+ "type": "string"
+ },
+ "ModifiedTimeSeconds": {
+ "type": "number"
+ },
+ "VersionNumber": {
+ "type": "number"
+ }
+ },
+ "readOnlyProperties": [
+ "/properties/AIGuardrailVersionId",
+ "/properties/AIGuardrailArn",
+ "/properties/AssistantArn",
+ "/properties/VersionNumber"
+ ],
+ "required": [
+ "AssistantId",
+ "AIGuardrailId"
+ ],
+ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git",
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "tagOnCreate": false,
+ "tagUpdatable": false,
+ "taggable": false
+ },
+ "typeName": "AWS::Wisdom::AIGuardrailVersion"
+}
diff --git a/schema/aws-wisdom-aiprompt.json b/schema/aws-wisdom-aiprompt.json
new file mode 100644
index 0000000..95956fe
--- /dev/null
+++ b/schema/aws-wisdom-aiprompt.json
@@ -0,0 +1,209 @@
+{
+ "additionalIdentifiers": [
+ [
+ "/properties/AIPromptArn",
+ "/properties/AssistantArn"
+ ]
+ ],
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/ApiFormat",
+ "/properties/AssistantId",
+ "/properties/ModelId",
+ "/properties/Name",
+ "/properties/Tags",
+ "/properties/TemplateType",
+ "/properties/Type"
+ ],
+ "definitions": {
+ "AIPromptAPIFormat": {
+ "enum": [
+ "ANTHROPIC_CLAUDE_MESSAGES",
+ "ANTHROPIC_CLAUDE_TEXT_COMPLETIONS",
+ "MESSAGES",
+ "TEXT_COMPLETIONS"
+ ],
+ "type": "string"
+ },
+ "AIPromptTemplateConfiguration": {
+ "oneOf": [
+ {
+ "additionalProperties": false,
+ "properties": {
+ "TextFullAIPromptEditTemplateConfiguration": {
+ "$ref": "#/definitions/TextFullAIPromptEditTemplateConfiguration"
+ }
+ },
+ "required": [
+ "TextFullAIPromptEditTemplateConfiguration"
+ ],
+ "title": "TextFullAIPromptEditTemplateConfiguration",
+ "type": "object"
+ }
+ ],
+ "type": "object"
+ },
+ "AIPromptTemplateType": {
+ "enum": [
+ "TEXT"
+ ],
+ "type": "string"
+ },
+ "AIPromptType": {
+ "enum": [
+ "ANSWER_GENERATION",
+ "INTENT_LABELING_GENERATION",
+ "QUERY_REFORMULATION",
+ "SELF_SERVICE_PRE_PROCESSING",
+ "SELF_SERVICE_ANSWER_GENERATION"
+ ],
+ "type": "string"
+ },
+ "Tags": {
+ "additionalProperties": false,
+ "patternProperties": {
+ "^(?!aws:)[a-zA-Z+-=._:/]+$": {
+ "maxLength": 256,
+ "minLength": 1,
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "TextFullAIPromptEditTemplateConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "Text": {
+ "maxLength": 200000,
+ "minLength": 1,
+ "type": "string"
+ }
+ },
+ "required": [
+ "Text"
+ ],
+ "type": "object"
+ }
+ },
+ "description": "Definition of AWS::Wisdom::AIPrompt Resource Type",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "wisdom:CreateAIPrompt",
+ "wisdom:TagResource"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "wisdom:DeleteAIPrompt"
+ ]
+ },
+ "list": {
+ "handlerSchema": {
+ "properties": {
+ "AssistantId": {
+ "$ref": "resource-schema.json#/properties/AssistantId"
+ }
+ },
+ "required": [
+ "AssistantId"
+ ]
+ },
+ "permissions": [
+ "wisdom:ListAIPrompts"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "wisdom:GetAIPrompt"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "wisdom:UpdateAIPrompt"
+ ]
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/AIPromptId",
+ "/properties/AssistantId"
+ ],
+ "properties": {
+ "AIPromptArn": {
+ "pattern": "^arn:[a-z-]*?:wisdom:[a-z0-9-]*?:[0-9]{12}:[a-z-]*?/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}(?:/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}){0,2}$",
+ "type": "string"
+ },
+ "AIPromptId": {
+ "pattern": "^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}(:[A-Z0-9_$]+){0,1}$|^arn:[a-z-]*?:wisdom:[a-z0-9-]*?:[0-9]{12}:[a-z-]*?/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}(?:/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}){0,2}(:[A-Z0-9_$]+){0,1}$",
+ "type": "string"
+ },
+ "ApiFormat": {
+ "$ref": "#/definitions/AIPromptAPIFormat"
+ },
+ "AssistantArn": {
+ "pattern": "^arn:[a-z-]*?:wisdom:[a-z0-9-]*?:[0-9]{12}:[a-z-]*?/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}(?:/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}){0,2}$",
+ "type": "string"
+ },
+ "AssistantId": {
+ "pattern": "^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$|^arn:[a-z-]*?:wisdom:[a-z0-9-]*?:[0-9]{12}:[a-z-]*?/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}(?:/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}){0,2}$",
+ "type": "string"
+ },
+ "Description": {
+ "maxLength": 255,
+ "minLength": 1,
+ "pattern": "^[a-zA-Z0-9\\s_.,-]+",
+ "type": "string"
+ },
+ "ModelId": {
+ "maxLength": 2048,
+ "minLength": 1,
+ "type": "string"
+ },
+ "ModifiedTimeSeconds": {
+ "type": "number"
+ },
+ "Name": {
+ "maxLength": 255,
+ "minLength": 1,
+ "pattern": "^[a-zA-Z0-9\\s_.,-]+",
+ "type": "string"
+ },
+ "Tags": {
+ "$ref": "#/definitions/Tags"
+ },
+ "TemplateConfiguration": {
+ "$ref": "#/definitions/AIPromptTemplateConfiguration"
+ },
+ "TemplateType": {
+ "$ref": "#/definitions/AIPromptTemplateType"
+ },
+ "Type": {
+ "$ref": "#/definitions/AIPromptType"
+ }
+ },
+ "readOnlyProperties": [
+ "/properties/AIPromptArn",
+ "/properties/AIPromptId",
+ "/properties/AssistantArn",
+ "/properties/ModifiedTimeSeconds"
+ ],
+ "required": [
+ "ApiFormat",
+ "ModelId",
+ "TemplateConfiguration",
+ "TemplateType",
+ "Type"
+ ],
+ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git",
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "wisdom:TagResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": false,
+ "taggable": true
+ },
+ "typeName": "AWS::Wisdom::AIPrompt"
+}
diff --git a/schema/aws-wisdom-aipromptversion.json b/schema/aws-wisdom-aipromptversion.json
new file mode 100644
index 0000000..329c2d2
--- /dev/null
+++ b/schema/aws-wisdom-aipromptversion.json
@@ -0,0 +1,110 @@
+{
+ "additionalIdentifiers": [
+ [
+ "/properties/AIPromptArn",
+ "/properties/AssistantArn"
+ ]
+ ],
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/AssistantId",
+ "/properties/AIPromptId",
+ "/properties/ModifiedTimeSeconds"
+ ],
+ "definitions": {},
+ "description": "Definition of AWS::Wisdom::AIPromptVersion Resource Type",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "wisdom:CreateAIPromptVersion"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "wisdom:DeleteAIPromptVersion"
+ ]
+ },
+ "list": {
+ "handlerSchema": {
+ "properties": {
+ "AIPromptId": {
+ "$ref": "resource-schema.json#/properties/AIPromptId"
+ },
+ "AssistantId": {
+ "$ref": "resource-schema.json#/properties/AssistantId"
+ }
+ },
+ "required": [
+ "AssistantId",
+ "AIPromptId"
+ ]
+ },
+ "permissions": [
+ "wisdom:ListAIPromptVersions"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "wisdom:GetAIPrompt",
+ "wisdom:GetAIPromptVersion"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "wisdom:GetAIPrompt",
+ "wisdom:GetAIPromptVersion"
+ ]
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/AssistantId",
+ "/properties/AIPromptId",
+ "/properties/VersionNumber"
+ ],
+ "properties": {
+ "AIPromptArn": {
+ "pattern": "^arn:[a-z-]*?:wisdom:[a-z0-9-]*?:[0-9]{12}:[a-z-]*?/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}(?:/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12})?$",
+ "type": "string"
+ },
+ "AIPromptId": {
+ "pattern": "^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$",
+ "type": "string"
+ },
+ "AIPromptVersionId": {
+ "pattern": "^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}(:[A-Z0-9_$]+){0,1}$",
+ "type": "string"
+ },
+ "AssistantArn": {
+ "pattern": "^arn:[a-z-]*?:wisdom:[a-z0-9-]*?:[0-9]{12}:[a-z-]*?/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}(?:/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12})?$",
+ "type": "string"
+ },
+ "AssistantId": {
+ "pattern": "^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$",
+ "type": "string"
+ },
+ "ModifiedTimeSeconds": {
+ "type": "number"
+ },
+ "VersionNumber": {
+ "type": "number"
+ }
+ },
+ "readOnlyProperties": [
+ "/properties/AIPromptArn",
+ "/properties/AIPromptVersionId",
+ "/properties/AssistantArn",
+ "/properties/VersionNumber"
+ ],
+ "required": [
+ "AssistantId",
+ "AIPromptId"
+ ],
+ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git",
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "tagOnCreate": false,
+ "tagUpdatable": false,
+ "taggable": false
+ },
+ "typeName": "AWS::Wisdom::AIPromptVersion"
+}
diff --git a/schema/aws-wisdom-assistant.json b/schema/aws-wisdom-assistant.json
index 203eaf5..7bc50f9 100644
--- a/schema/aws-wisdom-assistant.json
+++ b/schema/aws-wisdom-assistant.json
@@ -129,6 +129,15 @@
"Name",
"Type"
],
- "taggable": false,
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "wisdom:TagResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": false,
+ "taggable": true
+ },
"typeName": "AWS::Wisdom::Assistant"
}
diff --git a/schema/aws-wisdom-assistantassociation.json b/schema/aws-wisdom-assistantassociation.json
index 84ecafe..c2664fd 100644
--- a/schema/aws-wisdom-assistantassociation.json
+++ b/schema/aws-wisdom-assistantassociation.json
@@ -141,6 +141,15 @@
"AssistantId"
],
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk",
- "taggable": false,
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "wisdom:TagResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": false,
+ "taggable": true
+ },
"typeName": "AWS::Wisdom::AssistantAssociation"
}
diff --git a/schema/aws-wisdom-knowledgebase.json b/schema/aws-wisdom-knowledgebase.json
index 6322ad9..6714482 100644
--- a/schema/aws-wisdom-knowledgebase.json
+++ b/schema/aws-wisdom-knowledgebase.json
@@ -40,13 +40,115 @@
],
"type": "object"
},
+ "BedrockFoundationModelConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "ModelArn": {
+ "maxLength": 2048,
+ "minLength": 1,
+ "pattern": "^arn:aws(-[^:]+)?:bedrock:[a-z0-9-]{1,20}::foundation-model\\/anthropic.claude-3-haiku-20240307-v1:0$",
+ "type": "string"
+ },
+ "ParsingPrompt": {
+ "additionalProperties": false,
+ "properties": {
+ "ParsingPromptText": {
+ "maxLength": 10000,
+ "minLength": 1,
+ "type": "string"
+ }
+ },
+ "required": [
+ "ParsingPromptText"
+ ],
+ "type": "object"
+ }
+ },
+ "required": [
+ "ModelArn"
+ ],
+ "type": "object"
+ },
+ "FixedSizeChunkingConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "MaxTokens": {
+ "minimum": 1,
+ "type": "number"
+ },
+ "OverlapPercentage": {
+ "maximum": 99,
+ "minimum": 1,
+ "type": "number"
+ }
+ },
+ "required": [
+ "MaxTokens",
+ "OverlapPercentage"
+ ],
+ "type": "object"
+ },
+ "HierarchicalChunkingConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "LevelConfigurations": {
+ "items": {
+ "$ref": "#/definitions/HierarchicalChunkingLevelConfiguration"
+ },
+ "maxItems": 2,
+ "minItems": 2,
+ "type": "array"
+ },
+ "OverlapTokens": {
+ "minimum": 1,
+ "type": "number"
+ }
+ },
+ "required": [
+ "LevelConfigurations",
+ "OverlapTokens"
+ ],
+ "type": "object"
+ },
+ "HierarchicalChunkingLevelConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "MaxTokens": {
+ "maximum": 8192,
+ "minimum": 1,
+ "type": "number"
+ }
+ },
+ "required": [
+ "MaxTokens"
+ ],
+ "type": "object"
+ },
"KnowledgeBaseType": {
"enum": [
"EXTERNAL",
- "CUSTOM"
+ "CUSTOM",
+ "MESSAGE_TEMPLATES",
+ "MANAGED"
],
"type": "string"
},
+ "ManagedSourceConfiguration": {
+ "oneOf": [
+ {
+ "additionalProperties": false,
+ "properties": {
+ "WebCrawlerConfiguration": {
+ "$ref": "#/definitions/WebCrawlerConfiguration"
+ }
+ },
+ "required": [
+ "WebCrawlerConfiguration"
+ ],
+ "type": "object"
+ }
+ ]
+ },
"RenderingConfiguration": {
"additionalProperties": false,
"properties": {
@@ -58,6 +160,41 @@
},
"type": "object"
},
+ "SeedUrl": {
+ "additionalProperties": false,
+ "properties": {
+ "Url": {
+ "pattern": "^https?://[A-Za-z0-9][^\\s]*$",
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "SemanticChunkingConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "BreakpointPercentileThreshold": {
+ "maximum": 99,
+ "minimum": 50,
+ "type": "number"
+ },
+ "BufferSize": {
+ "maximum": 1,
+ "minimum": 0,
+ "type": "number"
+ },
+ "MaxTokens": {
+ "minimum": 1,
+ "type": "number"
+ }
+ },
+ "required": [
+ "MaxTokens",
+ "BufferSize",
+ "BreakpointPercentileThreshold"
+ ],
+ "type": "object"
+ },
"ServerSideEncryptionConfiguration": {
"additionalProperties": false,
"properties": {
@@ -70,20 +207,34 @@
"type": "object"
},
"SourceConfiguration": {
- "additionalProperties": false,
"oneOf": [
{
+ "additionalProperties": false,
+ "properties": {
+ "AppIntegrations": {
+ "$ref": "#/definitions/AppIntegrationsConfiguration"
+ }
+ },
"required": [
"AppIntegrations"
- ]
- }
- ],
- "properties": {
- "AppIntegrations": {
- "$ref": "#/definitions/AppIntegrationsConfiguration"
+ ],
+ "title": "AppIntegrationsConfiguration",
+ "type": "object"
+ },
+ {
+ "additionalProperties": false,
+ "properties": {
+ "ManagedSourceConfiguration": {
+ "$ref": "#/definitions/ManagedSourceConfiguration"
+ }
+ },
+ "required": [
+ "ManagedSourceConfiguration"
+ ],
+ "title": "ManagedSourceConfiguration",
+ "type": "object"
}
- },
- "type": "object"
+ ]
},
"Tag": {
"additionalProperties": false,
@@ -105,6 +256,117 @@
"Value"
],
"type": "object"
+ },
+ "UrlFilterList": {
+ "items": {
+ "$ref": "#/definitions/UrlFilterPattern"
+ },
+ "maxItems": 25,
+ "minItems": 1,
+ "type": "array"
+ },
+ "UrlFilterPattern": {
+ "maxLength": 1000,
+ "minLength": 1,
+ "type": "string"
+ },
+ "VectorIngestionConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "ChunkingConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "ChunkingStrategy": {
+ "enum": [
+ "FIXED_SIZE",
+ "NONE",
+ "HIERARCHICAL",
+ "SEMANTIC"
+ ],
+ "type": "string"
+ },
+ "FixedSizeChunkingConfiguration": {
+ "$ref": "#/definitions/FixedSizeChunkingConfiguration"
+ },
+ "HierarchicalChunkingConfiguration": {
+ "$ref": "#/definitions/HierarchicalChunkingConfiguration"
+ },
+ "SemanticChunkingConfiguration": {
+ "$ref": "#/definitions/SemanticChunkingConfiguration"
+ }
+ },
+ "required": [
+ "ChunkingStrategy"
+ ],
+ "type": "object"
+ },
+ "ParsingConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "BedrockFoundationModelConfiguration": {
+ "$ref": "#/definitions/BedrockFoundationModelConfiguration"
+ },
+ "ParsingStrategy": {
+ "enum": [
+ "BEDROCK_FOUNDATION_MODEL"
+ ],
+ "type": "string"
+ }
+ },
+ "required": [
+ "ParsingStrategy"
+ ],
+ "type": "object"
+ }
+ },
+ "type": "object"
+ },
+ "WebCrawlerConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "CrawlerLimits": {
+ "additionalProperties": false,
+ "properties": {
+ "RateLimit": {
+ "maximum": 3000,
+ "minimum": 1,
+ "type": "number"
+ }
+ },
+ "type": "object"
+ },
+ "ExclusionFilters": {
+ "$ref": "#/definitions/UrlFilterList"
+ },
+ "InclusionFilters": {
+ "$ref": "#/definitions/UrlFilterList"
+ },
+ "Scope": {
+ "enum": [
+ "HOST_ONLY",
+ "SUBDOMAINS"
+ ],
+ "type": "string"
+ },
+ "UrlConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "SeedUrls": {
+ "items": {
+ "$ref": "#/definitions/SeedUrl"
+ },
+ "maxItems": 100,
+ "minItems": 1,
+ "type": "array"
+ }
+ },
+ "type": "object"
+ }
+ },
+ "required": [
+ "UrlConfiguration"
+ ],
+ "type": "object"
}
},
"description": "Definition of AWS::Wisdom::KnowledgeBase Resource Type",
@@ -190,6 +452,9 @@
},
"type": "array",
"uniqueItems": true
+ },
+ "VectorIngestionConfiguration": {
+ "$ref": "#/definitions/VectorIngestionConfiguration"
}
},
"readOnlyProperties": [
@@ -201,6 +466,15 @@
"KnowledgeBaseType",
"Name"
],
- "taggable": false,
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "wisdom:TagResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": false,
+ "taggable": true
+ },
"typeName": "AWS::Wisdom::KnowledgeBase"
}
diff --git a/schema/aws-wisdom-messagetemplate.json b/schema/aws-wisdom-messagetemplate.json
new file mode 100644
index 0000000..1eff4f0
--- /dev/null
+++ b/schema/aws-wisdom-messagetemplate.json
@@ -0,0 +1,777 @@
+{
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/KnowledgeBaseArn",
+ "/properties/ChannelSubtype"
+ ],
+ "definitions": {
+ "AgentAttributes": {
+ "additionalProperties": false,
+ "description": "The agent attributes that are used with the message template.",
+ "properties": {
+ "FirstName": {
+ "description": "The agent\u2019s first name as entered in their Amazon Connect user account.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "LastName": {
+ "description": "The agent\u2019s last name as entered in their Amazon Connect user account.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "ChannelSubtype": {
+ "description": "The channel subtype this message template applies to.",
+ "enum": [
+ "EMAIL",
+ "SMS"
+ ],
+ "type": "string"
+ },
+ "Content": {
+ "additionalProperties": false,
+ "description": "The content of the message template.",
+ "oneOf": [
+ {
+ "required": [
+ "EmailMessageTemplateContent"
+ ]
+ },
+ {
+ "required": [
+ "SmsMessageTemplateContent"
+ ]
+ }
+ ],
+ "properties": {
+ "EmailMessageTemplateContent": {
+ "$ref": "#/definitions/EmailMessageTemplateContent"
+ },
+ "SmsMessageTemplateContent": {
+ "$ref": "#/definitions/SmsMessageTemplateContent"
+ }
+ },
+ "type": "object"
+ },
+ "CustomAttributes": {
+ "additionalProperties": false,
+ "description": "The custom attributes that are used with the message template.",
+ "patternProperties": {
+ "^[a-zA-Z0-9\\s._:/=+@-]*$": {
+ "description": "Value of a custom attribute.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "CustomerProfileAttributes": {
+ "additionalProperties": false,
+ "description": "The customer profile attributes that are used with the message template.",
+ "properties": {
+ "AccountNumber": {
+ "description": "A unique account number that you have given to the customer.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "AdditionalInformation": {
+ "description": "Any additional information relevant to the customer's profile.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "Address1": {
+ "description": "The first line of a customer address.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "Address2": {
+ "description": "The second line of a customer address.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "Address3": {
+ "description": "The third line of a customer address.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "Address4": {
+ "description": "The fourth line of a customer address.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "BillingAddress1": {
+ "description": "The first line of a customer\u2019s billing address.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "BillingAddress2": {
+ "description": "The second line of a customer\u2019s billing address.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "BillingAddress3": {
+ "description": "The third line of a customer\u2019s billing address.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "BillingAddress4": {
+ "description": "The fourth line of a customer\u2019s billing address.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "BillingCity": {
+ "description": "The city of a customer\u2019s billing address.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "BillingCountry": {
+ "description": "The country of a customer\u2019s billing address.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "BillingCounty": {
+ "description": "The county of a customer\u2019s billing address.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "BillingPostalCode": {
+ "description": "The postal code of a customer\u2019s billing address.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "BillingProvince": {
+ "description": "The province of a customer\u2019s billing address.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "BillingState": {
+ "description": "The state of a customer\u2019s billing address.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "BirthDate": {
+ "description": "The customer's birth date.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "BusinessEmailAddress": {
+ "description": "The customer's business email address.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "BusinessName": {
+ "description": "The name of the customer's business.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "BusinessPhoneNumber": {
+ "description": "The customer's business phone number.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "City": {
+ "description": "The city in which a customer lives.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "Country": {
+ "description": "The country in which a customer lives.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "County": {
+ "description": "The county in which a customer lives.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "Custom": {
+ "$ref": "#/definitions/CustomAttributes"
+ },
+ "EmailAddress": {
+ "description": "The customer's email address, which has not been specified as a personal or business address.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "FirstName": {
+ "description": "The customer's first name.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "Gender": {
+ "description": "The customer's gender.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "HomePhoneNumber": {
+ "description": "The customer's home phone number.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "LastName": {
+ "description": "The customer's last name.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "MailingAddress1": {
+ "description": "The first line of a customer\u2019s mailing address.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "MailingAddress2": {
+ "description": "The second line of a customer\u2019s mailing address.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "MailingAddress3": {
+ "description": "The third line of a customer\u2019s mailing address.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "MailingAddress4": {
+ "description": "The fourth line of a customer\u2019s mailing address.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "MailingCity": {
+ "description": "The city of a customer\u2019s mailing address.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "MailingCountry": {
+ "description": "The country of a customer\u2019s mailing address.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "MailingCounty": {
+ "description": "The county of a customer\u2019s mailing address.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "MailingPostalCode": {
+ "description": "The postal code of a customer\u2019s mailing address",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "MailingProvince": {
+ "description": "The province of a customer\u2019s mailing address.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "MailingState": {
+ "description": "The state of a customer\u2019s mailing address.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "MiddleName": {
+ "description": "The customer's middle name.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "MobilePhoneNumber": {
+ "description": "The customer's mobile phone number.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "PartyType": {
+ "description": "The customer's party type.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "PhoneNumber": {
+ "description": "The customer's phone number, which has not been specified as a mobile, home, or business number.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "PostalCode": {
+ "description": "The postal code of a customer address.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "ProfileARN": {
+ "description": "The ARN of a customer profile.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "ProfileId": {
+ "description": "The unique identifier of a customer profile.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "Province": {
+ "description": "The province in which a customer lives.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "ShippingAddress1": {
+ "description": "The first line of a customer\u2019s shipping address.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "ShippingAddress2": {
+ "description": "The second line of a customer\u2019s shipping address.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "ShippingAddress3": {
+ "description": "The third line of a customer\u2019s shipping address.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "ShippingAddress4": {
+ "description": "The fourth line of a customer\u2019s shipping address",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "ShippingCity": {
+ "description": "The city of a customer\u2019s shipping address.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "ShippingCountry": {
+ "description": "The country of a customer\u2019s shipping address.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "ShippingCounty": {
+ "description": "The county of a customer\u2019s shipping address.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "ShippingPostalCode": {
+ "description": "The postal code of a customer\u2019s shipping address.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "ShippingProvince": {
+ "description": "The province of a customer\u2019s shipping address.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "ShippingState": {
+ "description": "The state of a customer\u2019s shipping address.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "State": {
+ "description": "The state in which a customer lives.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "EmailMessageTemplateContent": {
+ "additionalProperties": false,
+ "description": "The content of message template that applies to email channel subtype.",
+ "properties": {
+ "Body": {
+ "$ref": "#/definitions/EmailMessageTemplateContentBody"
+ },
+ "Headers": {
+ "description": "The email headers to include in email messages.",
+ "insertionOrder": true,
+ "items": {
+ "$ref": "#/definitions/EmailMessageTemplateHeader"
+ },
+ "maxItems": 15,
+ "minItems": 0,
+ "type": "array",
+ "uniqueItems": true
+ },
+ "Subject": {
+ "description": "The subject line, or title, to use in email messages.",
+ "minLength": 1,
+ "type": "string"
+ }
+ },
+ "required": [
+ "Subject",
+ "Body",
+ "Headers"
+ ],
+ "type": "object"
+ },
+ "EmailMessageTemplateContentBody": {
+ "additionalProperties": false,
+ "description": "The body to use in email messages.",
+ "properties": {
+ "Html": {
+ "$ref": "#/definitions/MessageTemplateBodyContentProvider",
+ "description": "The message body, in HTML format, to use in email messages that are based on the message template. We recommend using HTML format for email clients that render HTML content. You can include links, formatted text, and more in an HTML message."
+ },
+ "PlainText": {
+ "$ref": "#/definitions/MessageTemplateBodyContentProvider",
+ "description": "The message body, in plain text format, to use in email messages that are based on the message template. We recommend using plain text format for email clients that don't render HTML content and clients that are connected to high-latency networks, such as mobile devices."
+ }
+ },
+ "type": "object"
+ },
+ "EmailMessageTemplateHeader": {
+ "additionalProperties": false,
+ "description": "The email header to include in email messages.",
+ "properties": {
+ "Name": {
+ "description": "The name of the email header.",
+ "maxLength": 126,
+ "minLength": 1,
+ "pattern": "^[!-9;-@A-~]+$",
+ "type": "string"
+ },
+ "Value": {
+ "description": "The value of the email header.",
+ "maxLength": 870,
+ "minLength": 1,
+ "pattern": "[ -~]*",
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "GroupingConfiguration": {
+ "additionalProperties": false,
+ "description": "The configuration information of the user groups that the message template is accessible to.",
+ "properties": {
+ "Criteria": {
+ "description": "The criteria used for grouping Amazon Q in Connect users.",
+ "maxLength": 100,
+ "minLength": 1,
+ "type": "string"
+ },
+ "Values": {
+ "description": "The list of values that define different groups of Amazon Q in Connect users.",
+ "insertionOrder": true,
+ "items": {
+ "$ref": "#/definitions/GroupingValue"
+ },
+ "type": "array",
+ "uniqueItems": true
+ }
+ },
+ "required": [
+ "Criteria",
+ "Values"
+ ],
+ "type": "object"
+ },
+ "GroupingValue": {
+ "description": "The value that define the group of Amazon Q in Connect users.",
+ "maxLength": 2048,
+ "minLength": 1,
+ "type": "string"
+ },
+ "MessageTemplateAttributes": {
+ "additionalProperties": false,
+ "description": "An object that specifies the default values to use for variables in the message template. This object contains different categories of key-value pairs. Each key defines a variable or placeholder in the message template. The corresponding value defines the default value for that variable.",
+ "properties": {
+ "AgentAttributes": {
+ "$ref": "#/definitions/AgentAttributes"
+ },
+ "CustomAttributes": {
+ "$ref": "#/definitions/CustomAttributes"
+ },
+ "CustomerProfileAttributes": {
+ "$ref": "#/definitions/CustomerProfileAttributes"
+ },
+ "SystemAttributes": {
+ "$ref": "#/definitions/SystemAttributes"
+ }
+ },
+ "type": "object"
+ },
+ "MessageTemplateBodyContentProvider": {
+ "additionalProperties": false,
+ "description": "The container of message template body.",
+ "properties": {
+ "Content": {
+ "minLength": 1,
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "SmsMessageTemplateContent": {
+ "additionalProperties": false,
+ "description": "The content of message template that applies to SMS channel subtype.",
+ "properties": {
+ "Body": {
+ "$ref": "#/definitions/SmsMessageTemplateContentBody"
+ }
+ },
+ "required": [
+ "Body"
+ ],
+ "type": "object"
+ },
+ "SmsMessageTemplateContentBody": {
+ "additionalProperties": false,
+ "description": "The body to use in SMS messages.",
+ "properties": {
+ "PlainText": {
+ "$ref": "#/definitions/MessageTemplateBodyContentProvider"
+ }
+ },
+ "type": "object"
+ },
+ "SystemAttributes": {
+ "additionalProperties": false,
+ "description": "The system attributes that are used with the message template.",
+ "properties": {
+ "CustomerEndpoint": {
+ "$ref": "#/definitions/SystemEndpointAttributes",
+ "description": "The CustomerEndpoint attribute."
+ },
+ "Name": {
+ "description": "The name of the task.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ },
+ "SystemEndpoint": {
+ "$ref": "#/definitions/SystemEndpointAttributes",
+ "description": "The SystemEndpoint attribute."
+ }
+ },
+ "type": "object"
+ },
+ "SystemEndpointAttributes": {
+ "additionalProperties": false,
+ "description": "The system endpoint attributes that are used with the message template.",
+ "properties": {
+ "Address": {
+ "description": "The customer's phone number if used with customerEndpoint, or the number the customer dialed to call your contact center if used with systemEndpoint.",
+ "maxLength": 32767,
+ "minLength": 1,
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "Tag": {
+ "additionalProperties": false,
+ "description": "A key-value pair to associate with a resource.",
+ "properties": {
+ "Key": {
+ "description": "The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -",
+ "maxLength": 128,
+ "minLength": 1,
+ "pattern": "^(?!aws:)[a-zA-Z+-=._:/]+$",
+ "type": "string"
+ },
+ "Value": {
+ "description": "The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -",
+ "maxLength": 256,
+ "minLength": 1,
+ "type": "string"
+ }
+ },
+ "required": [
+ "Key",
+ "Value"
+ ],
+ "type": "object"
+ }
+ },
+ "description": "Definition of AWS::Wisdom::MessageTemplate Resource Type",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "wisdom:CreateMessageTemplate",
+ "wisdom:GetMessageTemplate",
+ "wisdom:TagResource",
+ "connect:SearchRoutingProfiles",
+ "connect:DescribeRoutingProfile"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "wisdom:DeleteMessageTemplate",
+ "wisdom:UntagResource"
+ ]
+ },
+ "list": {
+ "handlerSchema": {
+ "properties": {
+ "KnowledgeBaseArn": {
+ "$ref": "resource-schema.json#/properties/KnowledgeBaseArn"
+ }
+ },
+ "required": [
+ "KnowledgeBaseArn"
+ ]
+ },
+ "permissions": [
+ "wisdom:ListMessageTemplates"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "wisdom:GetMessageTemplate"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "wisdom:UpdateMessageTemplate",
+ "wisdom:UpdateMessageTemplateMetadata",
+ "wisdom:GetMessageTemplate",
+ "wisdom:TagResource",
+ "wisdom:UntagResource",
+ "connect:SearchRoutingProfiles",
+ "connect:DescribeRoutingProfile"
+ ]
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/MessageTemplateArn"
+ ],
+ "properties": {
+ "ChannelSubtype": {
+ "$ref": "#/definitions/ChannelSubtype"
+ },
+ "Content": {
+ "$ref": "#/definitions/Content"
+ },
+ "DefaultAttributes": {
+ "$ref": "#/definitions/MessageTemplateAttributes"
+ },
+ "Description": {
+ "description": "The description of the message template.",
+ "maxLength": 255,
+ "minLength": 1,
+ "pattern": "^[a-zA-Z0-9\\\\s_.,-]+",
+ "type": "string"
+ },
+ "GroupingConfiguration": {
+ "$ref": "#/definitions/GroupingConfiguration"
+ },
+ "KnowledgeBaseArn": {
+ "description": "The Amazon Resource Name (ARN) of the knowledge base to which the message template belongs.",
+ "pattern": "^arn:[a-z-]*?:wisdom:[a-z0-9-]*?:[0-9]{12}:[a-z-]*?/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}(?:/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12})?$",
+ "type": "string"
+ },
+ "Language": {
+ "description": "The language code value for the language in which the message template is written. The supported language codes include de_DE, en_US, es_ES, fr_FR, id_ID, it_IT, ja_JP, ko_KR, pt_BR, zh_CN, zh_TW",
+ "maxLength": 5,
+ "minLength": 2,
+ "type": "string"
+ },
+ "MessageTemplateArn": {
+ "description": "The Amazon Resource Name (ARN) of the message template.",
+ "pattern": "^arn:[a-z-]*?:wisdom:[a-z0-9-]*?:[0-9]{12}:[a-z-]*?/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}(?:/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12})?$",
+ "type": "string"
+ },
+ "MessageTemplateContentSha256": {
+ "description": "The content SHA256 of the message template.",
+ "maxLength": 64,
+ "minLength": 1,
+ "type": "string"
+ },
+ "MessageTemplateId": {
+ "description": "The unique identifier of the message template.",
+ "pattern": "^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$",
+ "type": "string"
+ },
+ "Name": {
+ "description": "The name of the message template.",
+ "maxLength": 255,
+ "minLength": 1,
+ "pattern": "^[a-zA-Z0-9\\\\s_.,-]+",
+ "type": "string"
+ },
+ "Tags": {
+ "description": "The tags used to organize, track, or control access for this resource. For example, { \"tags\": {\"key1\":\"value1\", \"key2\":\"value2\"} }.",
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/Tag"
+ },
+ "type": "array",
+ "uniqueItems": true
+ }
+ },
+ "readOnlyProperties": [
+ "/properties/MessageTemplateId",
+ "/properties/MessageTemplateArn",
+ "/properties/MessageTemplateContentSha256"
+ ],
+ "replacementStrategy": "create_then_delete",
+ "required": [
+ "KnowledgeBaseArn",
+ "ChannelSubtype",
+ "Name",
+ "Content"
+ ],
+ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-wisdom",
+ "tagging": {
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "wisdom:TagResource",
+ "wisdom:UntagResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
+ "typeName": "AWS::Wisdom::MessageTemplate"
+}
diff --git a/schema/aws-wisdom-messagetemplateversion.json b/schema/aws-wisdom-messagetemplateversion.json
new file mode 100644
index 0000000..6665e53
--- /dev/null
+++ b/schema/aws-wisdom-messagetemplateversion.json
@@ -0,0 +1,85 @@
+{
+ "additionalProperties": false,
+ "conditionalCreateOnlyProperties": [
+ "/properties/MessageTemplateContentSha256"
+ ],
+ "createOnlyProperties": [
+ "/properties/MessageTemplateArn"
+ ],
+ "description": "A version for the specified customer-managed message template within the specified knowledge base.",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "wisdom:CreateMessageTemplateVersion",
+ "wisdom:ListMessageTemplateVersions"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "wisdom:DeleteMessageTemplate"
+ ]
+ },
+ "list": {
+ "handlerSchema": {
+ "properties": {
+ "MessageTemplateArn": {
+ "$ref": "resource-schema.json#/properties/MessageTemplateArn"
+ }
+ },
+ "required": [
+ "MessageTemplateArn"
+ ]
+ },
+ "permissions": [
+ "wisdom:ListMessageTemplateVersions"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "wisdom:GetMessageTemplate"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "wisdom:CreateMessageTemplateVersion"
+ ]
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/MessageTemplateVersionArn"
+ ],
+ "properties": {
+ "MessageTemplateArn": {
+ "description": "The unqualified Amazon Resource Name (ARN) of the message template.",
+ "pattern": "^arn:[a-z-]*?:wisdom:[a-z0-9-]*?:[0-9]{12}:[a-z-]*?/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}(?:/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12})?$",
+ "type": "string"
+ },
+ "MessageTemplateContentSha256": {
+ "description": "The content SHA256 of the message template.",
+ "maxLength": 64,
+ "minLength": 1,
+ "type": "string"
+ },
+ "MessageTemplateVersionArn": {
+ "description": "The unqualified Amazon Resource Name (ARN) of the message template version.",
+ "pattern": "^arn:[a-z-]*?:wisdom:[a-z0-9-]*?:[0-9]{12}:[a-z-]*?/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}(?:/[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}):[0-9]+?$",
+ "type": "string"
+ },
+ "MessageTemplateVersionNumber": {
+ "description": "Current version number of the message template.",
+ "type": "number"
+ }
+ },
+ "readOnlyProperties": [
+ "/properties/MessageTemplateVersionNumber",
+ "/properties/MessageTemplateVersionArn"
+ ],
+ "required": [
+ "MessageTemplateArn"
+ ],
+ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git",
+ "tagging": {
+ "taggable": false
+ },
+ "typeName": "AWS::Wisdom::MessageTemplateVersion"
+}
diff --git a/schema/aws-workspaces-connectionalias.json b/schema/aws-workspaces-connectionalias.json
index 51cfba8..c7b4c58 100644
--- a/schema/aws-workspaces-connectionalias.json
+++ b/schema/aws-workspaces-connectionalias.json
@@ -57,17 +57,24 @@
"handlers": {
"create": {
"permissions": [
- "workspaces:CreateConnectionAlias"
+ "workspaces:CreateConnectionAlias",
+ "workspaces:CreateTags",
+ "workspaces:DescribeConnectionAliases",
+ "workspaces:DescribeTags"
]
},
"delete": {
"permissions": [
- "workspaces:DeleteConnectionAlias"
+ "workspaces:DeleteConnectionAlias",
+ "workspaces:DeleteTags",
+ "workspaces:DescribeTags",
+ "workspaces:DescribeConnectionAliases"
]
},
"read": {
"permissions": [
- "workspaces:DescribeConnectionAliases"
+ "workspaces:DescribeConnectionAliases",
+ "workspaces:DescribeTags"
]
}
},
@@ -82,6 +89,7 @@
"type": "string"
},
"Associations": {
+ "insertionOrder": false,
"items": {
"$ref": "#/definitions/ConnectionAliasAssociation"
},
@@ -104,6 +112,7 @@
"type": "string"
},
"Tags": {
+ "insertionOrder": false,
"items": {
"$ref": "#/definitions/Tag"
},
@@ -119,5 +128,16 @@
"required": [
"ConnectionString"
],
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "workspaces:CreateTags",
+ "workspaces:DescribeTags"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": false,
+ "taggable": true
+ },
"typeName": "AWS::WorkSpaces::ConnectionAlias"
}
diff --git a/schema/aws-workspaces-workspacespool.json b/schema/aws-workspaces-workspacespool.json
index 9bc3cf6..1c0c4a6 100644
--- a/schema/aws-workspaces-workspacespool.json
+++ b/schema/aws-workspaces-workspacespool.json
@@ -81,6 +81,7 @@
}
},
"deprecatedProperties": [
+ "/properties/Tags",
"/properties/Tags/TagKey",
"/properties/Tags/TagValue"
],
@@ -96,22 +97,29 @@
"delete": {
"permissions": [
"workspaces:DescribeWorkspacesPools",
- "workspaces:TerminateWorkspacesPool"
+ "workspaces:TerminateWorkspacesPool",
+ "workspaces:DeleteTags"
]
},
"list": {
"permissions": [
- "workspaces:DescribeWorkspacesPools"
+ "workspaces:DescribeWorkspacesPools",
+ "workspaces:DescribeTags"
]
},
"read": {
"permissions": [
- "workspaces:DescribeWorkspacesPools"
+ "workspaces:DescribeWorkspacesPools",
+ "workspaces:DescribeTags"
]
},
"update": {
"permissions": [
- "workspaces:UpdateWorkspacesPool"
+ "workspaces:UpdateWorkspacesPool",
+ "workspaces:CreateTags",
+ "workspaces:DeleteTags",
+ "workspaces:DescribeWorkspacesPools",
+ "workspaces:DescribeTags"
]
}
},
@@ -180,14 +188,16 @@
"Capacity"
],
"tagging": {
- "cloudFormationSystemTags": false,
+ "cloudFormationSystemTags": true,
+ "permissions": [
+ "workspaces:CreateTags",
+ "workspaces:DescribeTags",
+ "workspaces:DeleteTags"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": false,
"taggable": true
},
- "typeName": "AWS::WorkSpaces::WorkspacesPool",
- "writeOnlyProperties": [
- "/properties/Tags"
- ]
+ "typeName": "AWS::WorkSpaces::WorkspacesPool"
}
diff --git a/schema/aws-workspacesthinclient-environment.json b/schema/aws-workspacesthinclient-environment.json
index e687949..844cd7e 100644
--- a/schema/aws-workspacesthinclient-environment.json
+++ b/schema/aws-workspacesthinclient-environment.json
@@ -130,7 +130,7 @@
},
"list": {
"permissions": [
- "thinclient:ListEnvironment",
+ "thinclient:ListEnvironments",
"thinclient:ListTagsForResource",
"kms:Decrypt"
]
@@ -149,7 +149,6 @@
"workspaces-web:GetPortal",
"workspaces-web:GetUserSettings",
"thinclient:UpdateEnvironment",
- "thinclient:ListTagsForResource",
"thinclient:TagResource",
"thinclient:UntagResource",
"kms:Decrypt",
@@ -310,6 +309,11 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git",
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "thinclient:UntagResource",
+ "thinclient:ListTagsForResource",
+ "thinclient:TagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-workspacesweb-browsersettings.json b/schema/aws-workspacesweb-browsersettings.json
index 26a6839..b8195f6 100644
--- a/schema/aws-workspacesweb-browsersettings.json
+++ b/schema/aws-workspacesweb-browsersettings.json
@@ -48,10 +48,12 @@
"workspaces-web:GetBrowserSettings",
"workspaces-web:ListTagsForResource",
"workspaces-web:TagResource",
- "kms:CreateGrant",
"kms:DescribeKey",
"kms:GenerateDataKey",
- "kms:Decrypt"
+ "kms:Decrypt",
+ "kms:GenerateDataKeyWithoutPlaintext",
+ "kms:ReEncryptTo",
+ "kms:ReEncryptFrom"
]
},
"delete": {
@@ -66,7 +68,9 @@
},
"list": {
"permissions": [
- "workspaces-web:ListBrowserSettings"
+ "workspaces-web:ListBrowserSettings",
+ "kms:Decrypt",
+ "kms:DescribeKey"
]
},
"read": {
@@ -146,6 +150,11 @@
],
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "workspaces-web:UntagResource",
+ "workspaces-web:ListTagsForResource",
+ "workspaces-web:TagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-workspacesweb-dataprotectionsettings.json b/schema/aws-workspacesweb-dataprotectionsettings.json
new file mode 100644
index 0000000..743cbda
--- /dev/null
+++ b/schema/aws-workspacesweb-dataprotectionsettings.json
@@ -0,0 +1,317 @@
+{
+ "additionalProperties": false,
+ "createOnlyProperties": [
+ "/properties/AdditionalEncryptionContext",
+ "/properties/CustomerManagedKey"
+ ],
+ "definitions": {
+ "CustomPattern": {
+ "additionalProperties": false,
+ "properties": {
+ "KeywordRegex": {
+ "maxLength": 300,
+ "minLength": 0,
+ "pattern": "^\\/((?:[^\\n])+)\\/([gimsuyvd]{0,8})$",
+ "type": "string"
+ },
+ "PatternDescription": {
+ "maxLength": 256,
+ "minLength": 1,
+ "pattern": "^[ _\\-\\d\\w]+$",
+ "type": "string"
+ },
+ "PatternName": {
+ "maxLength": 20,
+ "minLength": 1,
+ "pattern": "^[_\\-\\d\\w]+$",
+ "type": "string"
+ },
+ "PatternRegex": {
+ "maxLength": 300,
+ "minLength": 0,
+ "pattern": "^\\/((?:[^\\n])+)\\/([gimsuyvd]{0,8})$",
+ "type": "string"
+ }
+ },
+ "required": [
+ "PatternName",
+ "PatternRegex"
+ ],
+ "type": "object"
+ },
+ "EncryptionContextMap": {
+ "additionalProperties": false,
+ "patternProperties": {
+ "^[\\s\\S]*$": {
+ "maxLength": 131072,
+ "minLength": 0,
+ "pattern": "^[\\s\\S]*$",
+ "type": "string"
+ }
+ },
+ "type": "object"
+ },
+ "InlineRedactionConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "GlobalConfidenceLevel": {
+ "maximum": 3,
+ "minimum": 1,
+ "type": "number"
+ },
+ "GlobalEnforcedUrls": {
+ "items": {
+ "pattern": "^((([a-zA-Z][a-zA-Z0-9+.-]*):\\/\\/(\\*|[\\w%._\\-\\+~#=@]+)?(\\/[^@\\s]*)?(?:\\?([^*\\s]+(?:\\*?)))?)|(\\*|[\\w%._\\-\\+~#=@]+\\.[\\w%._\\-\\+~#=@]+)(?::(\\d{1,5}))?(\\/[^@\\s]*)?(?:\\?([^*\\s]+(?:\\*?)))?|(([a-zA-Z][a-zA-Z0-9+.-]*):(\\/\\/)?\\*))$",
+ "type": "string"
+ },
+ "maxItems": 100,
+ "minItems": 1,
+ "type": "array"
+ },
+ "GlobalExemptUrls": {
+ "items": {
+ "pattern": "^((([a-zA-Z][a-zA-Z0-9+.-]*):\\/\\/(\\*|[\\w%._\\-\\+~#=@]+)?(\\/[^@\\s]*)?(?:\\?([^*\\s]+(?:\\*?)))?)|(\\*|[\\w%._\\-\\+~#=@]+\\.[\\w%._\\-\\+~#=@]+)(?::(\\d{1,5}))?(\\/[^@\\s]*)?(?:\\?([^*\\s]+(?:\\*?)))?|(([a-zA-Z][a-zA-Z0-9+.-]*):(\\/\\/)?\\*))$",
+ "type": "string"
+ },
+ "maxItems": 100,
+ "minItems": 1,
+ "type": "array"
+ },
+ "InlineRedactionPatterns": {
+ "items": {
+ "$ref": "#/definitions/InlineRedactionPattern"
+ },
+ "maxItems": 150,
+ "minItems": 0,
+ "type": "array"
+ }
+ },
+ "required": [
+ "InlineRedactionPatterns"
+ ],
+ "type": "object"
+ },
+ "InlineRedactionPattern": {
+ "additionalProperties": false,
+ "properties": {
+ "BuiltInPatternId": {
+ "maxLength": 50,
+ "minLength": 1,
+ "pattern": "^[_\\-\\d\\w]+$",
+ "type": "string"
+ },
+ "ConfidenceLevel": {
+ "maximum": 3,
+ "minimum": 1,
+ "type": "number"
+ },
+ "CustomPattern": {
+ "$ref": "#/definitions/CustomPattern"
+ },
+ "EnforcedUrls": {
+ "items": {
+ "pattern": "^((([a-zA-Z][a-zA-Z0-9+.-]*):\\/\\/(\\*|[\\w%._\\-\\+~#=@]+)?(\\/[^@\\s]*)?(?:\\?([^*\\s]+(?:\\*?)))?)|(\\*|[\\w%._\\-\\+~#=@]+\\.[\\w%._\\-\\+~#=@]+)(?::(\\d{1,5}))?(\\/[^@\\s]*)?(?:\\?([^*\\s]+(?:\\*?)))?|(([a-zA-Z][a-zA-Z0-9+.-]*):(\\/\\/)?\\*))$",
+ "type": "string"
+ },
+ "maxItems": 20,
+ "minItems": 1,
+ "type": "array"
+ },
+ "ExemptUrls": {
+ "items": {
+ "pattern": "^((([a-zA-Z][a-zA-Z0-9+.-]*):\\/\\/(\\*|[\\w%._\\-\\+~#=@]+)?(\\/[^@\\s]*)?(?:\\?([^*\\s]+(?:\\*?)))?)|(\\*|[\\w%._\\-\\+~#=@]+\\.[\\w%._\\-\\+~#=@]+)(?::(\\d{1,5}))?(\\/[^@\\s]*)?(?:\\?([^*\\s]+(?:\\*?)))?|(([a-zA-Z][a-zA-Z0-9+.-]*):(\\/\\/)?\\*))$",
+ "type": "string"
+ },
+ "maxItems": 20,
+ "minItems": 1,
+ "type": "array"
+ },
+ "RedactionPlaceHolder": {
+ "$ref": "#/definitions/RedactionPlaceHolder"
+ }
+ },
+ "required": [
+ "RedactionPlaceHolder"
+ ],
+ "type": "object"
+ },
+ "RedactionPlaceHolder": {
+ "additionalProperties": false,
+ "properties": {
+ "RedactionPlaceHolderText": {
+ "maxLength": 20,
+ "minLength": 1,
+ "pattern": "^[*_\\-\\d\\w]+$",
+ "type": "string"
+ },
+ "RedactionPlaceHolderType": {
+ "$ref": "#/definitions/RedactionPlaceHolderType"
+ }
+ },
+ "required": [
+ "RedactionPlaceHolderType"
+ ],
+ "type": "object"
+ },
+ "RedactionPlaceHolderType": {
+ "enum": [
+ "CustomText"
+ ],
+ "type": "string"
+ },
+ "Tag": {
+ "additionalProperties": false,
+ "properties": {
+ "Key": {
+ "maxLength": 128,
+ "minLength": 1,
+ "pattern": "^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-@]*)$",
+ "type": "string"
+ },
+ "Value": {
+ "maxLength": 256,
+ "minLength": 0,
+ "pattern": "^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-@]*)$",
+ "type": "string"
+ }
+ },
+ "required": [
+ "Key",
+ "Value"
+ ],
+ "type": "object"
+ }
+ },
+ "description": "Definition of AWS::WorkSpacesWeb::DataProtectionSettings Resource Type",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "workspaces-web:CreateDataProtectionSettings",
+ "workspaces-web:GetDataProtectionSettings",
+ "workspaces-web:ListDataProtectionSettings",
+ "workspaces-web:ListTagsForResource",
+ "workspaces-web:TagResource",
+ "kms:DescribeKey",
+ "kms:GenerateDataKey",
+ "kms:Decrypt",
+ "kms:GenerateDataKeyWithoutPlaintext",
+ "kms:ReEncryptTo",
+ "kms:ReEncryptFrom"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "workspaces-web:GetDataProtectionSettings",
+ "workspaces-web:ListDataProtectionSettings",
+ "workspaces-web:DeleteDataProtectionSettings",
+ "kms:DescribeKey",
+ "kms:GenerateDataKey",
+ "kms:Decrypt"
+ ]
+ },
+ "list": {
+ "permissions": [
+ "workspaces-web:ListDataProtectionSettings",
+ "kms:Decrypt",
+ "kms:DescribeKey"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "workspaces-web:GetDataProtectionSettings",
+ "workspaces-web:ListDataProtectionSettings",
+ "workspaces-web:ListTagsForResource",
+ "kms:DescribeKey",
+ "kms:GenerateDataKey",
+ "kms:Decrypt"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "workspaces-web:UpdateDataProtectionSettings",
+ "workspaces-web:GetDataProtectionSettings",
+ "workspaces-web:ListDataProtectionSettings",
+ "workspaces-web:TagResource",
+ "workspaces-web:UntagResource",
+ "workspaces-web:ListTagsForResource",
+ "kms:DescribeKey",
+ "kms:GenerateDataKey",
+ "kms:Decrypt"
+ ]
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/DataProtectionSettingsArn"
+ ],
+ "properties": {
+ "AdditionalEncryptionContext": {
+ "$ref": "#/definitions/EncryptionContextMap"
+ },
+ "AssociatedPortalArns": {
+ "items": {
+ "maxLength": 2048,
+ "minLength": 20,
+ "pattern": "^arn:[\\w+=\\/,.@-]+:[a-zA-Z0-9\\-]+:[a-zA-Z0-9\\-]*:[a-zA-Z0-9]{1,12}:[a-zA-Z]+(\\/[a-fA-F0-9\\-]{36})+$",
+ "type": "string"
+ },
+ "type": "array"
+ },
+ "CreationDate": {
+ "format": "date-time",
+ "type": "string"
+ },
+ "CustomerManagedKey": {
+ "maxLength": 2048,
+ "minLength": 20,
+ "pattern": "^arn:[\\w+=\\/,.@-]+:kms:[a-zA-Z0-9\\-]*:[a-zA-Z0-9]{1,12}:key\\/[a-zA-Z0-9-]+$",
+ "type": "string"
+ },
+ "DataProtectionSettingsArn": {
+ "maxLength": 2048,
+ "minLength": 20,
+ "pattern": "^arn:[\\w+=\\/,.@-]+:[a-zA-Z0-9\\-]+:[a-zA-Z0-9\\-]*:[a-zA-Z0-9]{1,12}:[a-zA-Z]+(\\/[a-fA-F0-9\\-]{36})+$",
+ "type": "string"
+ },
+ "Description": {
+ "maxLength": 256,
+ "minLength": 1,
+ "pattern": "^[ _\\-\\d\\w]+$",
+ "type": "string"
+ },
+ "DisplayName": {
+ "maxLength": 64,
+ "minLength": 1,
+ "pattern": "^[ _\\-\\d\\w]+$",
+ "type": "string"
+ },
+ "InlineRedactionConfiguration": {
+ "$ref": "#/definitions/InlineRedactionConfiguration"
+ },
+ "Tags": {
+ "items": {
+ "$ref": "#/definitions/Tag"
+ },
+ "maxItems": 200,
+ "minItems": 0,
+ "type": "array"
+ }
+ },
+ "readOnlyProperties": [
+ "/properties/AssociatedPortalArns",
+ "/properties/CreationDate",
+ "/properties/DataProtectionSettingsArn"
+ ],
+ "tagging": {
+ "cloudFormationSystemTags": false,
+ "permissions": [
+ "workspaces-web:UntagResource",
+ "workspaces-web:ListTagsForResource",
+ "workspaces-web:TagResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
+ },
+ "typeName": "AWS::WorkSpacesWeb::DataProtectionSettings"
+}
diff --git a/schema/aws-workspacesweb-identityprovider.json b/schema/aws-workspacesweb-identityprovider.json
index 5435466..fc4cfd4 100644
--- a/schema/aws-workspacesweb-identityprovider.json
+++ b/schema/aws-workspacesweb-identityprovider.json
@@ -26,6 +26,28 @@
"OIDC"
],
"type": "string"
+ },
+ "Tag": {
+ "additionalProperties": false,
+ "properties": {
+ "Key": {
+ "maxLength": 128,
+ "minLength": 1,
+ "pattern": "^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-@]*)$",
+ "type": "string"
+ },
+ "Value": {
+ "maxLength": 256,
+ "minLength": 0,
+ "pattern": "^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-@]*)$",
+ "type": "string"
+ }
+ },
+ "required": [
+ "Key",
+ "Value"
+ ],
+ "type": "object"
}
},
"description": "Definition of AWS::WorkSpacesWeb::IdentityProvider Resource Type",
@@ -104,6 +126,15 @@
"minLength": 20,
"pattern": "^arn:[\\w+=\\/,.@-]+:[a-zA-Z0-9\\-]+:[a-zA-Z0-9\\-]*:[a-zA-Z0-9]{1,12}:[a-zA-Z]+(\\/[a-fA-F0-9\\-]{36})+$",
"type": "string"
+ },
+ "Tags": {
+ "insertionOrder": false,
+ "items": {
+ "$ref": "#/definitions/Tag"
+ },
+ "maxItems": 200,
+ "minItems": 0,
+ "type": "array"
}
},
"readOnlyProperties": [
@@ -117,9 +148,15 @@
"sourceUrl": "https://github.com/shivankgoel/aws-cloudformation-resource-providers-workspaces-web",
"tagging": {
"cloudFormationSystemTags": false,
- "tagOnCreate": false,
- "tagUpdatable": false,
- "taggable": false
+ "permissions": [
+ "workspaces-web:UntagResource",
+ "workspaces-web:ListTagsForResource",
+ "workspaces-web:TagResource"
+ ],
+ "tagOnCreate": true,
+ "tagProperty": "/properties/Tags",
+ "tagUpdatable": true,
+ "taggable": true
},
"typeName": "AWS::WorkSpacesWeb::IdentityProvider",
"writeOnlyProperties": [
diff --git a/schema/aws-workspacesweb-ipaccesssettings.json b/schema/aws-workspacesweb-ipaccesssettings.json
index 6073f98..6d01fb1 100644
--- a/schema/aws-workspacesweb-ipaccesssettings.json
+++ b/schema/aws-workspacesweb-ipaccesssettings.json
@@ -69,10 +69,12 @@
"workspaces-web:ListIpAccessSettings",
"workspaces-web:ListTagsForResource",
"workspaces-web:TagResource",
- "kms:CreateGrant",
"kms:DescribeKey",
"kms:GenerateDataKey",
- "kms:Decrypt"
+ "kms:Decrypt",
+ "kms:GenerateDataKeyWithoutPlaintext",
+ "kms:ReEncryptTo",
+ "kms:ReEncryptFrom"
]
},
"delete": {
@@ -88,7 +90,9 @@
},
"list": {
"permissions": [
- "workspaces-web:ListIpAccessSettings"
+ "workspaces-web:ListIpAccessSettings",
+ "kms:Decrypt",
+ "kms:DescribeKey"
]
},
"read": {
@@ -191,6 +195,11 @@
],
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "workspaces-web:UntagResource",
+ "workspaces-web:ListTagsForResource",
+ "workspaces-web:TagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-workspacesweb-networksettings.json b/schema/aws-workspacesweb-networksettings.json
index 950f6ea..1dbbf15 100644
--- a/schema/aws-workspacesweb-networksettings.json
+++ b/schema/aws-workspacesweb-networksettings.json
@@ -133,6 +133,11 @@
],
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "workspaces-web:UntagResource",
+ "workspaces-web:ListTagsForResource",
+ "workspaces-web:TagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-workspacesweb-portal.json b/schema/aws-workspacesweb-portal.json
index 7e50d3f..3c26be7 100644
--- a/schema/aws-workspacesweb-portal.json
+++ b/schema/aws-workspacesweb-portal.json
@@ -80,20 +80,22 @@
"create": {
"permissions": [
"workspaces-web:CreatePortal",
- "workspaces-web:GetPortal",
- "workspaces-web:GetPortalServiceProviderMetadata",
+ "workspaces-web:GetPortal*",
"workspaces-web:AssociateBrowserSettings",
"workspaces-web:AssociateIpAccessSettings",
"workspaces-web:AssociateNetworkSettings",
"workspaces-web:AssociateTrustStore",
"workspaces-web:AssociateUserAccessLoggingSettings",
"workspaces-web:AssociateUserSettings",
- "workspaces-web:ListTagsForResource",
+ "workspaces-web:AssociateDataProtectionSettings",
+ "workspaces-web:List*",
"workspaces-web:TagResource",
- "kms:CreateGrant",
+ "kms:DescribeKey",
"kms:GenerateDataKey",
"kms:Decrypt",
- "kms:DescribeKey",
+ "kms:GenerateDataKeyWithoutPlaintext",
+ "kms:ReEncryptTo",
+ "kms:ReEncryptFrom",
"ec2:CreateNetworkInterface",
"ec2:CreateNetworkInterfacePermission",
"ec2:DeleteNetworkInterface",
@@ -101,14 +103,14 @@
"ec2:ModifyNetworkInterfaceAttribute",
"kinesis:PutRecord",
"kinesis:PutRecords",
- "kinesis:DescribeStreamSummary",
+ "kinesis:Describe*",
"sso:CreateManagedApplicationInstance",
- "sso:DescribeRegisteredRegions"
+ "sso:Describe*"
]
},
"delete": {
"permissions": [
- "workspaces-web:GetPortal",
+ "workspaces-web:GetPortal*",
"workspaces-web:DeletePortal",
"workspaces-web:DisassociateBrowserSettings",
"workspaces-web:DisassociateIpAccessSettings",
@@ -116,6 +118,7 @@
"workspaces-web:DisassociateTrustStore",
"workspaces-web:DisassociateUserAccessLoggingSettings",
"workspaces-web:DisassociateUserSettings",
+ "workspaces-web:DisassociateDataProtectionSettings",
"kms:Decrypt",
"kms:DescribeKey",
"sso:DeleteManagedApplicationInstance"
@@ -123,24 +126,22 @@
},
"list": {
"permissions": [
- "workspaces-web:ListPortals",
+ "workspaces-web:List*",
"kms:Decrypt",
"kms:DescribeKey"
]
},
"read": {
"permissions": [
- "workspaces-web:GetPortal",
- "workspaces-web:GetPortalServiceProviderMetadata",
- "workspaces-web:ListTagsForResource",
+ "workspaces-web:GetPortal*",
+ "workspaces-web:List*",
"kms:Decrypt",
"kms:DescribeKey"
]
},
"update": {
"permissions": [
- "workspaces-web:GetPortal",
- "workspaces-web:GetPortalServiceProviderMetadata",
+ "workspaces-web:GetPortal*",
"workspaces-web:UpdatePortal",
"workspaces-web:AssociateBrowserSettings",
"workspaces-web:AssociateIpAccessSettings",
@@ -148,13 +149,15 @@
"workspaces-web:AssociateTrustStore",
"workspaces-web:AssociateUserAccessLoggingSettings",
"workspaces-web:AssociateUserSettings",
+ "workspaces-web:AssociateDataProtectionSettings",
"workspaces-web:DisassociateBrowserSettings",
"workspaces-web:DisassociateIpAccessSettings",
"workspaces-web:DisassociateNetworkSettings",
"workspaces-web:DisassociateTrustStore",
"workspaces-web:DisassociateUserAccessLoggingSettings",
"workspaces-web:DisassociateUserSettings",
- "workspaces-web:ListTagsForResource",
+ "workspaces-web:DisassociateDataProtectionSettings",
+ "workspaces-web:List*",
"workspaces-web:TagResource",
"workspaces-web:UntagResource",
"kms:CreateGrant",
@@ -169,12 +172,12 @@
"ec2:ModifyNetworkInterfaceAttribute",
"kinesis:PutRecord",
"kinesis:PutRecords",
- "kinesis:DescribeStreamSummary",
+ "kinesis:Describe*",
"sso:CreateManagedApplicationInstance",
"sso:DeleteManagedApplicationInstance",
- "sso:DescribeRegisteredRegions",
+ "sso:Describe*",
"sso:GetApplicationInstance",
- "sso:ListApplicationInstances"
+ "sso:List*"
]
}
},
@@ -207,6 +210,12 @@
"pattern": "^arn:[\\w+=\\/,.@-]+:kms:[a-zA-Z0-9\\-]*:[a-zA-Z0-9]{1,12}:key\\/[a-zA-Z0-9-]+$",
"type": "string"
},
+ "DataProtectionSettingsArn": {
+ "maxLength": 2048,
+ "minLength": 20,
+ "pattern": "^arn:[\\w+=\\/,.@-]+:[a-zA-Z0-9\\-]+:[a-zA-Z0-9\\-]*:[a-zA-Z0-9]{1,12}:[a-zA-Z]+(\\/[a-fA-F0-9\\-]{36})+$",
+ "type": "string"
+ },
"DisplayName": {
"maxLength": 64,
"minLength": 1,
@@ -303,6 +312,11 @@
],
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "workspaces-web:UntagResource",
+ "workspaces-web:List*",
+ "workspaces-web:TagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-workspacesweb-truststore.json b/schema/aws-workspacesweb-truststore.json
index 66068e6..f0cd8a3 100644
--- a/schema/aws-workspacesweb-truststore.json
+++ b/schema/aws-workspacesweb-truststore.json
@@ -115,6 +115,11 @@
],
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "workspaces-web:UntagResource",
+ "workspaces-web:ListTagsForResource",
+ "workspaces-web:TagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-workspacesweb-useraccessloggingsettings.json b/schema/aws-workspacesweb-useraccessloggingsettings.json
index d7bdf5c..b32ffeb 100644
--- a/schema/aws-workspacesweb-useraccessloggingsettings.json
+++ b/schema/aws-workspacesweb-useraccessloggingsettings.json
@@ -109,6 +109,11 @@
],
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "workspaces-web:UntagResource",
+ "workspaces-web:ListTagsForResource",
+ "workspaces-web:TagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-workspacesweb-usersettings.json b/schema/aws-workspacesweb-usersettings.json
index 9d4be49..95117e5 100644
--- a/schema/aws-workspacesweb-usersettings.json
+++ b/schema/aws-workspacesweb-usersettings.json
@@ -1,9 +1,5 @@
{
"additionalProperties": false,
- "createOnlyProperties": [
- "/properties/AdditionalEncryptionContext",
- "/properties/CustomerManagedKey"
- ],
"definitions": {
"CookieSpecification": {
"additionalProperties": false,
@@ -77,6 +73,19 @@
},
"type": "object"
},
+ "MaxDisplayResolution": {
+ "enum": [
+ "size4096X2160",
+ "size3840X2160",
+ "size3440X1440",
+ "size2560X1440",
+ "size1920X1080",
+ "size1280X720",
+ "size1024X768",
+ "size800X600"
+ ],
+ "type": "string"
+ },
"Tag": {
"additionalProperties": false,
"properties": {
@@ -98,6 +107,51 @@
"Value"
],
"type": "object"
+ },
+ "ToolbarConfiguration": {
+ "additionalProperties": false,
+ "properties": {
+ "HiddenToolbarItems": {
+ "items": {
+ "$ref": "#/definitions/ToolbarItem"
+ },
+ "type": "array"
+ },
+ "MaxDisplayResolution": {
+ "$ref": "#/definitions/MaxDisplayResolution"
+ },
+ "ToolbarType": {
+ "$ref": "#/definitions/ToolbarType"
+ },
+ "VisualMode": {
+ "$ref": "#/definitions/VisualMode"
+ }
+ },
+ "type": "object"
+ },
+ "ToolbarItem": {
+ "enum": [
+ "Windows",
+ "DualMonitor",
+ "FullScreen",
+ "Webcam",
+ "Microphone"
+ ],
+ "type": "string"
+ },
+ "ToolbarType": {
+ "enum": [
+ "Floating",
+ "Docked"
+ ],
+ "type": "string"
+ },
+ "VisualMode": {
+ "enum": [
+ "Dark",
+ "Light"
+ ],
+ "type": "string"
}
},
"description": "Definition of AWS::WorkSpacesWeb::UserSettings Resource Type",
@@ -108,10 +162,12 @@
"workspaces-web:GetUserSettings",
"workspaces-web:ListTagsForResource",
"workspaces-web:TagResource",
- "kms:CreateGrant",
"kms:DescribeKey",
"kms:GenerateDataKey",
- "kms:Decrypt"
+ "kms:Decrypt",
+ "kms:GenerateDataKeyWithoutPlaintext",
+ "kms:ReEncryptTo",
+ "kms:ReEncryptFrom"
]
},
"delete": {
@@ -219,6 +275,9 @@
"minItems": 0,
"type": "array"
},
+ "ToolbarConfiguration": {
+ "$ref": "#/definitions/ToolbarConfiguration"
+ },
"UploadAllowed": {
"$ref": "#/definitions/EnabledType"
},
@@ -242,6 +301,11 @@
],
"tagging": {
"cloudFormationSystemTags": false,
+ "permissions": [
+ "workspaces-web:UntagResource",
+ "workspaces-web:ListTagsForResource",
+ "workspaces-web:TagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-xray-group.json b/schema/aws-xray-group.json
index 6dcc099..0fa468d 100644
--- a/schema/aws-xray-group.json
+++ b/schema/aws-xray-group.json
@@ -112,6 +112,10 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git",
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "xray:TagResource",
+ "xray:UntagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-xray-samplingrule.json b/schema/aws-xray-samplingrule.json
index 29a9114..e602d48 100644
--- a/schema/aws-xray-samplingrule.json
+++ b/schema/aws-xray-samplingrule.json
@@ -282,6 +282,10 @@
"sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git",
"tagging": {
"cloudFormationSystemTags": true,
+ "permissions": [
+ "xray:TagResource",
+ "xray:UntagResource"
+ ],
"tagOnCreate": true,
"tagProperty": "/properties/Tags",
"tagUpdatable": true,
diff --git a/schema/aws-xray-transactionsearchconfig.json b/schema/aws-xray-transactionsearchconfig.json
new file mode 100644
index 0000000..f2ec336
--- /dev/null
+++ b/schema/aws-xray-transactionsearchconfig.json
@@ -0,0 +1,77 @@
+{
+ "additionalProperties": false,
+ "definitions": {
+ "AccountId": {
+ "description": "User account id, used as the primary identifier for the resource",
+ "pattern": "^\\d{12}$",
+ "type": "string"
+ },
+ "IndexingPercentage": {
+ "description": "Determines the percentage of traces indexed from CloudWatch Logs to X-Ray",
+ "maximum": 100,
+ "minimum": 0,
+ "type": "number"
+ }
+ },
+ "description": "This schema provides construct and validation rules for AWS-XRay TransactionSearchConfig resource parameters.",
+ "handlers": {
+ "create": {
+ "permissions": [
+ "application-signals:StartDiscovery",
+ "iam:CreateServiceLinkedRole",
+ "logs:CreateLogGroup",
+ "logs:CreateLogStream",
+ "logs:PutRetentionPolicy",
+ "xray:GetIndexingRules",
+ "xray:GetTraceSegmentDestination",
+ "xray:UpdateIndexingRule",
+ "xray:UpdateTraceSegmentDestination"
+ ]
+ },
+ "delete": {
+ "permissions": [
+ "xray:GetTraceSegmentDestination",
+ "xray:UpdateTraceSegmentDestination",
+ "xray:UpdateIndexingRule"
+ ]
+ },
+ "list": {
+ "permissions": [
+ "xray:GetTraceSegmentDestination",
+ "xray:GetIndexingRules"
+ ]
+ },
+ "read": {
+ "permissions": [
+ "xray:GetTraceSegmentDestination",
+ "xray:GetIndexingRules"
+ ]
+ },
+ "update": {
+ "permissions": [
+ "xray:GetIndexingRules",
+ "xray:GetTraceSegmentDestination",
+ "xray:UpdateIndexingRule"
+ ]
+ }
+ },
+ "primaryIdentifier": [
+ "/properties/AccountId"
+ ],
+ "properties": {
+ "AccountId": {
+ "$ref": "#/definitions/AccountId"
+ },
+ "IndexingPercentage": {
+ "$ref": "#/definitions/IndexingPercentage"
+ }
+ },
+ "readOnlyProperties": [
+ "/properties/AccountId"
+ ],
+ "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git",
+ "tagging": {
+ "taggable": false
+ },
+ "typeName": "AWS::XRay::TransactionSearchConfig"
+}
diff --git a/schema/update.ps1 b/schema/update.ps1
new file mode 100644
index 0000000..bc59019
--- /dev/null
+++ b/schema/update.ps1
@@ -0,0 +1,34 @@
+Add-Type -AssemblyName System.IO.Compression.FileSystem
+function Unzip {
+ param(
+ [Parameter(Mandatory=$true)]
+ [ValidateNotNullOrEmpty()]
+ [string]$zipfile,
+
+ [Parameter(Mandatory=$true)]
+ [ValidateNotNullOrEmpty()]
+ [string]$outpath
+ )
+
+ [System.IO.Compression.ZipFile]::ExtractToDirectory($zipfile, $outpath)
+}
+
+$root = "./"| Resolve-Path
+$schemaUrl = "https://schema.cloudformation.us-east-1.amazonaws.com/CloudformationSchema.zip"
+$filepath = Join-Path $root "CloudformationSchema.zip"
+write-host "path $filepath"
+Get-ChildItem *.json| ForEach-Object { Remove-Item $_}
+
+try {
+ Write-Progress -Activity "Downloading Schema" -Status "Downloading..."
+ invoke-webrequest $schemaUrl -OutFile $filepath
+ Write-Progress -Activity "Downloading Schema" -Completed
+ Unzip $filepath $root
+} catch {
+ Write-Error "Failed to download/extract schema: $_"
+ exit 1
+}
+
+Remove-Item $filepath
+
+[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
diff --git a/schema/update.sh b/schema/update.sh
new file mode 100755
index 0000000..585921b
--- /dev/null
+++ b/schema/update.sh
@@ -0,0 +1,32 @@
+#!/bin/bash
+
+# Set working directory
+ROOT_DIR="$(pwd)"
+SCHEMA_URL="https://schema.cloudformation.us-east-1.amazonaws.com/CloudformationSchema.zip"
+FILEPATH="${ROOT_DIR}/CloudformationSchema.zip"
+
+# Function to cleanup on exit
+cleanup() {
+ rm -f "${FILEPATH}"
+}
+
+# Error handling
+set -e
+trap cleanup EXIT
+
+# Remove existing JSON files
+rm -f ./*.json
+
+# Download schema
+echo "Downloading schema..."
+curl -L -o "${FILEPATH}" "${SCHEMA_URL}" || {
+ echo "Failed to download schema"
+ exit 1
+}
+
+# Extract zip file
+echo "Extracting schema..."
+unzip -o "${FILEPATH}" || {
+ echo "Failed to extract schema"
+ exit 1
+}
diff --git a/set-version.sh b/set-version.sh
index 66f114b..9e4c03d 100755
--- a/set-version.sh
+++ b/set-version.sh
@@ -1,5 +1,24 @@
#!/bin/sh
-latesttag=$(git describe --tags)
+# set-version.sh: Updates version.go file with latest git tag
+# Usage: ./set-version.sh
+# Requires: git
+set -e # Exit on error
+
+if ! latesttag=$(git describe --tags); then
+ echo "Error: Failed to get git tag" >&2
+ exit 1
+fi
+
+if [ -z "$latesttag" ]; then
+ echo "Error: No git tags found" >&2
+ exit 1
+fi
+
+if ! echo "$latesttag" | grep -Eq '^v[0-9]+\.[0-9]+\.[0-9]+'; then
+ echo "Error: Invalid version tag format" >&2
+ exit 1
+fi
+
echo "Updating version file with new tag: $latesttag"
echo "package version" > src/version/version.go
echo "" >> src/version/version.go
diff --git a/src/arm/data.go b/src/arm/data.go
index 43ba70f..9281796 100644
--- a/src/arm/data.go
+++ b/src/arm/data.go
@@ -2,14 +2,13 @@ package arm
import (
"bytes"
- "fmt"
- tftemplate "text/template"
-
"sato/src/cf"
+ tftemplate "text/template"
)
// ParseData writes out to data.tf.
func ParseData(result map[string]interface{}, funcMap tftemplate.FuncMap, destination string) error {
+
if result["data"] == nil {
return nil
}
@@ -20,7 +19,7 @@ func ParseData(result map[string]interface{}, funcMap tftemplate.FuncMap, destin
tmpl, err := tftemplate.New("test").Funcs(funcMap).Parse(string(dataFile))
if err != nil {
- return fmt.Errorf("failed to build parser %w", err)
+ return &templateNewError{err: err}
}
err = tmpl.Execute(&output, m{
@@ -28,12 +27,12 @@ func ParseData(result map[string]interface{}, funcMap tftemplate.FuncMap, destin
})
if err != nil {
- return fmt.Errorf("failed to execute parser %w", err)
+ return &templateExecuteError{err: err}
}
err = cf.Write(output.String(), destination, "data")
if err != nil {
- return fmt.Errorf("failed to write data.tf %w", err)
+ return &writeFileError{destination: destination, err: err}
}
return nil
diff --git a/src/arm/error.go b/src/arm/error.go
index b924e72..5f9f5be 100644
--- a/src/arm/error.go
+++ b/src/arm/error.go
@@ -2,6 +2,36 @@ package arm
import "fmt"
+type splitResourceError struct {
+ match string
+}
+
+func (e splitResourceError) Error() string {
+ return fmt.Sprintf("failed to split resource %s", e.match)
+}
+
+type filepathError struct {
+ Path string
+}
+
+func (m *filepathError) Error() string {
+ return fmt.Sprintf("not implemented %s", m.Path)
+}
+
+type parseListError struct{}
+
+func (m *parseListError) Error() string {
+ return "parseListError"
+}
+
+type parseMapError struct {
+ Err error
+}
+
+func (m *parseMapError) Error() string {
+ return fmt.Sprintf("parseMapError %v", m.Err)
+}
+
type emptyResourceError struct {
Name string
}
@@ -33,3 +63,28 @@ type matchValueError struct {
func (m *matchValueError) Error() string {
return fmt.Sprintf("failed to match value %s", m.Name)
}
+
+type templateNewError struct {
+ err error
+}
+
+func (e templateNewError) Error() string {
+ return fmt.Sprintf("failed to build parser %v", e.err)
+}
+
+type templateExecuteError struct {
+ err error
+}
+
+func (e templateExecuteError) Error() string {
+ return fmt.Sprintf("failed to execute parser %v", e.err)
+}
+
+type writeFileError struct {
+ destination string
+ err error
+}
+
+func (e writeFileError) Error() string {
+ return fmt.Sprintf("failed to write %s %v", e.destination, e.err)
+}
diff --git a/src/arm/error_test.go b/src/arm/error_test.go
new file mode 100644
index 0000000..3251711
--- /dev/null
+++ b/src/arm/error_test.go
@@ -0,0 +1,210 @@
+package arm
+
+import (
+ "errors"
+ "testing"
+)
+
+func TestSplitResourceError(t *testing.T) {
+ tests := []struct {
+ name string
+ match string
+ expected string
+ }{
+ {
+ name: "basic resource",
+ match: "resource/123",
+ expected: "failed to split resource resource/123",
+ },
+ {
+ name: "empty resource",
+ match: "",
+ expected: "failed to split resource ",
+ },
+ }
+
+ for _, tt := range tests {
+ t.Run(tt.name, func(t *testing.T) {
+ err := splitResourceError{match: tt.match}
+ if got := err.Error(); got != tt.expected {
+ t.Errorf("splitResourceError.Error() = %v, want %v", got, tt.expected)
+ }
+ })
+ }
+}
+
+func TestFilepathError(t *testing.T) {
+ tests := []struct {
+ name string
+ path string
+ expected string
+ }{
+ {
+ name: "valid path",
+ path: "/path/to/file",
+ expected: "not implemented /path/to/file",
+ },
+ {
+ name: "empty path",
+ path: "",
+ expected: "not implemented ",
+ },
+ }
+
+ for _, tt := range tests {
+ t.Run(tt.name, func(t *testing.T) {
+ err := &filepathError{Path: tt.path}
+ if got := err.Error(); got != tt.expected {
+ t.Errorf("filepathError.Error() = %v, want %v", got, tt.expected)
+ }
+ })
+ }
+}
+
+func TestParseListError(t *testing.T) {
+ err := &parseListError{}
+ expected := "parseListError"
+ if got := err.Error(); got != expected {
+ t.Errorf("parseListError.Error() = %v, want %v", got, expected)
+ }
+}
+
+func TestParseMapError(t *testing.T) {
+ tests := []struct {
+ name string
+ err error
+ expected string
+ }{
+ {
+ name: "with inner error",
+ err: errors.New("inner error"),
+ expected: "parseMapError inner error",
+ },
+ {
+ name: "nil error",
+ err: nil,
+ expected: "parseMapError ",
+ },
+ }
+
+ for _, tt := range tests {
+ t.Run(tt.name, func(t *testing.T) {
+ err := &parseMapError{Err: tt.err}
+ if got := err.Error(); got != tt.expected {
+ t.Errorf("parseMapError.Error() = %v, want %v", got, tt.expected)
+ }
+ })
+ }
+}
+
+func TestEmptyResourceError(t *testing.T) {
+ tests := []struct {
+ name string
+ resource string
+ expected string
+ }{
+ {
+ name: "resource name",
+ resource: "myResource",
+ expected: "myResource is empty",
+ },
+ {
+ name: "empty name",
+ resource: "",
+ expected: " is empty",
+ },
+ }
+
+ for _, tt := range tests {
+ t.Run(tt.name, func(t *testing.T) {
+ err := &emptyResourceError{Name: tt.resource}
+ if got := err.Error(); got != tt.expected {
+ t.Errorf("emptyResourceError.Error() = %v, want %v", got, tt.expected)
+ }
+ })
+ }
+}
+
+func TestParseResourceError(t *testing.T) {
+ tests := []struct {
+ name string
+ resource string
+ expected string
+ }{
+ {
+ name: "resource name",
+ resource: "myResource",
+ expected: "failed to parse resource name myResource",
+ },
+ {
+ name: "empty name",
+ resource: "",
+ expected: "failed to parse resource name ",
+ },
+ }
+
+ for _, tt := range tests {
+ t.Run(tt.name, func(t *testing.T) {
+ err := &parseResourceError{Name: tt.resource}
+ if got := err.Error(); got != tt.expected {
+ t.Errorf("parseResourceError.Error() = %v, want %v", got, tt.expected)
+ }
+ })
+ }
+}
+
+func TestInlineFormatError(t *testing.T) {
+ tests := []struct {
+ name string
+ resource string
+ expected string
+ }{
+ {
+ name: "format name",
+ resource: "myFormat",
+ expected: "uses inline format function myFormat",
+ },
+ {
+ name: "empty format",
+ resource: "",
+ expected: "uses inline format function ",
+ },
+ }
+
+ for _, tt := range tests {
+ t.Run(tt.name, func(t *testing.T) {
+ err := &inlineFormatError{Name: tt.resource}
+ if got := err.Error(); got != tt.expected {
+ t.Errorf("inlineFormatError.Error() = %v, want %v", got, tt.expected)
+ }
+ })
+ }
+}
+
+func TestMatchValueError(t *testing.T) {
+ tests := []struct {
+ name string
+ value string
+ expected string
+ }{
+ {
+ name: "value name",
+ value: "myValue",
+ expected: "failed to match value myValue",
+ },
+ {
+ name: "empty value",
+ value: "",
+ expected: "failed to match value ",
+ },
+ }
+
+ for _, tt := range tests {
+ t.Run(tt.name, func(t *testing.T) {
+ err := &matchValueError{Name: tt.value}
+ if got := err.Error(); got != tt.expected {
+ t.Errorf("matchValueError.Error() = %v, want %v", got, tt.expected)
+ }
+ })
+ }
+}
diff --git a/src/arm/helpers.go b/src/arm/helpers.go
index 376100f..0e03f4a 100644
--- a/src/arm/helpers.go
+++ b/src/arm/helpers.go
@@ -188,16 +188,16 @@ func ArrayToString(defaultValue []interface{}) string {
for count, value := range defaultValue {
if count == len(defaultValue)-1 {
- newValue += "\"" + value.(string) + "\""
+ newValue += "\"" + EscapeQuote(value.(string)) + "\""
} else {
- newValue += "\"" + value.(string) + "\"" + ","
+ newValue += "\"" + EscapeQuote(value.(string)) + "\"" + ","
}
}
return newValue + "]"
}
-// Tags take map into a string for tags.
+// Tags take a map into a string for tags.
func Tags(raw interface{}) string {
tags, ok := raw.(map[string]interface{})
if !ok {
diff --git a/src/arm/outputs.go b/src/arm/outputs.go
index 25ed47d..8cb8903 100644
--- a/src/arm/outputs.go
+++ b/src/arm/outputs.go
@@ -2,7 +2,6 @@ package arm
import (
"bytes"
- "fmt"
"log"
"sato/src/cf"
tftemplate "text/template"
@@ -42,7 +41,7 @@ func ParseOutputs(result map[string]interface{}, funcMap tftemplate.FuncMap, des
tmpl, err := tftemplate.New("test").Funcs(funcMap).Parse(string(outputFile))
if err != nil {
- return fmt.Errorf("failed to parse template %w", err)
+ return templateNewError{err}
}
err = tmpl.Execute(&output, m{
@@ -51,7 +50,7 @@ func ParseOutputs(result map[string]interface{}, funcMap tftemplate.FuncMap, des
})
if err != nil {
- return fmt.Errorf("failed to execute parser %w", err)
+ return templateExecuteError{err: err}
}
All += output.String()
@@ -59,7 +58,7 @@ func ParseOutputs(result map[string]interface{}, funcMap tftemplate.FuncMap, des
err := cf.Write(All, destination, "outputs")
if err != nil {
- return fmt.Errorf("failed to write Outputs %w", err)
+ return writeFileError{destination: destination, err: err}
}
return nil
diff --git a/src/arm/parameters.go b/src/arm/parameters.go
index 77aec5d..47b5bd0 100644
--- a/src/arm/parameters.go
+++ b/src/arm/parameters.go
@@ -38,20 +38,24 @@ func parseParameters(
myItem, err = FixType(myItem)
if err != nil {
- log.Print(err)
+ log.Info().Err(err)
}
var output bytes.Buffer
tmpl, err := tftemplate.New("test").Funcs(funcMap).Parse(string(variableFile))
if err != nil {
- return "", nil, fmt.Errorf("failed to build parser %w", err)
+ return "", nil, templateNewError{err: err}
}
- _ = tmpl.Execute(&output, m{
+ err = tmpl.Execute(&output, m{
"variable": myItem,
"item": name,
})
+ if err != nil {
+ return "", nil, templateExecuteError{err: err}
+ }
+
all += output.String()
myVariables = append(myVariables, myItem)
diff --git a/src/arm/parse.go b/src/arm/parse.go
index 472ad2c..4ba5235 100644
--- a/src/arm/parse.go
+++ b/src/arm/parse.go
@@ -18,37 +18,95 @@ import (
"golang.org/x/exp/maps"
)
-type splitResourceError struct {
- match string
+type m map[string]interface{}
+
+var funcMap = tftemplate.FuncMap{
+ "Array": cf.Array,
+ "ArrayReplace": cf.ArrayReplace,
+ "Contains": cf.Contains,
+ "Enabled": Enabled,
+ "Sprint": cf.Sprint,
+ "Decode64": cf.Decode64,
+ "Boolean": cf.Boolean,
+ "Dequote": cf.Dequote,
+ "Quote": cf.Quote,
+ "Demap": cf.Demap,
+ "Tags": Tags,
+ "ToUpper": strings.ToUpper,
+ "ToLower": cf.Lower,
+ "Deref": func(str *string) string { return *str },
+ "Nil": cf.Nill,
+ "Nild": cf.Nild,
+ "Marshal": func(v interface{}) string {
+ a, err := json.Marshal(v)
+ if err != nil {
+ log.Printf("marshal failure")
+ }
+
+ return string(a)
+ },
+ "Set": ArrayToString,
+ "Split": cf.Split,
+ "SplitOn": cf.SplitOn,
+ "Replace": cf.Replace,
+ "RandomString": cf.RandomString,
+ "Map": cf.Map,
+ "NotNil": NotNil,
+ "Snake": cf.Snake,
+ "Kebab": cf.Kebab,
+ "ZipFile": cf.Zipfile,
+ "Uuid": UUID,
}
-func (e splitResourceError) Error() string {
- return fmt.Sprintf("failed to split resource %s", e.match)
+type readFileError struct {
+ path string
+ err error
}
-type filepathError struct {
- Path string
+func (r *readFileError) Error() string {
+ return fmt.Sprintf("failed to read file: %s %v", r.path, r.err)
}
-func (m *filepathError) Error() string {
- return fmt.Sprintf("not implemented %s", m.Path)
+type openFileError struct {
+ path string
+ err error
}
-type parseListError struct{}
+func (o *openFileError) Error() string {
+ return fmt.Sprintf("failed to open file: %s %v", o.path, o.err)
+}
-func (m *parseListError) Error() string {
- return "parseListError"
+type unmarshalError struct {
+ err error
}
-type parseMapError struct {
- Err error
+func (u *unmarshalError) Error() string {
+ return fmt.Sprintf("unmarshal failure %v", u.err)
}
-func (m *parseMapError) Error() string {
- return fmt.Sprintf("parseMapError %s", m.Err)
+type parseVariablesError struct {
+ err error
}
-type m map[string]interface{}
+func (p *parseVariablesError) Error() string {
+ return fmt.Sprintf("parse varriables failure %v", p.err)
+}
+
+type parseResourcesError struct {
+ err error
+}
+
+func (p *parseResourcesError) Error() string {
+ return fmt.Sprintf("parse resources failure %v", p.err)
+}
+
+type parseDataError struct {
+ err error
+}
+
+func (p *parseDataError) Error() string {
+ return fmt.Sprintf("parse data failure %v", p.err)
+}
// Parse turn ARM into Terraform.
func Parse(file string, destination string) error {
@@ -59,65 +117,30 @@ func Parse(file string, destination string) error {
jsonFile, err := os.Open(fileAbs)
if err != nil {
- return fmt.Errorf("file open failure %w", err)
+ return &openFileError{path: file, err: err}
}
// defer the closing of our jsonFile so that we can parse it later on
//goland:noinspection GoUnhandledErrorResult
defer jsonFile.Close()
- byteValue, _ := io.ReadAll(jsonFile)
+ byteValue, err := io.ReadAll(jsonFile)
+ if err != nil {
+ return &readFileError{path: file, err: err}
+ }
var result map[string]interface{}
err = json.Unmarshal(byteValue, &result)
if err != nil {
- return fmt.Errorf("unmarshal failure %w", err)
- }
-
- funcMap := tftemplate.FuncMap{
- "Array": cf.Array,
- "ArrayReplace": cf.ArrayReplace,
- "Contains": cf.Contains,
- "Enabled": Enabled,
- "Sprint": cf.Sprint,
- "Decode64": cf.Decode64,
- "Boolean": cf.Boolean,
- "Dequote": cf.Dequote,
- "Quote": cf.Quote,
- "Demap": cf.Demap,
- "Tags": Tags,
- "ToUpper": strings.ToUpper,
- "ToLower": cf.Lower,
- "Deref": func(str *string) string { return *str },
- "Nil": cf.Nill,
- "Nild": cf.Nild,
- "Marshal": func(v interface{}) string {
- a, err := json.Marshal(v)
- if err != nil {
- log.Printf("marshal failure")
- }
-
- return string(a)
- },
- "Set": ArrayToString,
- "Split": cf.Split,
- "SplitOn": cf.SplitOn,
- "Replace": cf.Replace,
- "RandomString": cf.RandomString,
- "Map": cf.Map,
- "NotNil": NotNil,
- "Snake": cf.Snake,
- "Kebab": cf.Kebab,
- "ZipFile": cf.Zipfile,
- "Uuid": UUID,
+ return &unmarshalError{err: err}
}
result = Preprocess(result)
result, err = ParseVariables(result, funcMap, destination)
if err != nil {
- return err
+ return &parseVariablesError{err: err}
}
result, err = ParseResources(result, funcMap, destination)
@@ -127,12 +150,12 @@ func Parse(file string, destination string) error {
err = ParseOutputs(result, funcMap, destination)
if err != nil {
- return err
+ return &parseResourcesError{err: err}
}
err = ParseData(result, funcMap, destination)
if err != nil {
- return fmt.Errorf("parse data %w", err)
+ return &parseDataError{err: err}
}
return nil
@@ -542,7 +565,7 @@ func ReplaceResourceID(Match string, result map[string]interface{}) (string, err
case "microsoft.network/privateendpoints/privatednszonegroups":
{
// this isn't a separate terraform resource just part of
- // private_dns_zone_group in a azurerm_private_endpoint
+ // private_dns_zone_group in an azurerm_private_endpoint
name, err = resourceToName(Match, result)
if err != nil {
return "", err
diff --git a/src/arm/variables.go b/src/arm/variables.go
index 00e9f86..464a974 100644
--- a/src/arm/variables.go
+++ b/src/arm/variables.go
@@ -18,6 +18,10 @@ func ParseVariables(
funcMap tftemplate.FuncMap,
destination string) (map[string]interface{}, error) {
+ if result["variables"] == nil {
+ result["variables"] = make(map[string]interface{})
+ }
+
variables, ok := result["variables"].(map[string]interface{})
if !ok {
diff --git a/src/arm/variables_test.go b/src/arm/variables_test.go
index 05a5cce..eecd022 100644
--- a/src/arm/variables_test.go
+++ b/src/arm/variables_test.go
@@ -31,7 +31,11 @@ func Test_parseVariables(t *testing.T) {
outputs["hostname"] = entry
results["outputs"] = outputs
- wants := make(map[string]interface{})
+
+ wants := map[string]interface{}{
+ "variables": make(map[string]interface{}),
+ }
+
// emptySlice = append(emptySlice, empty)
tests := []struct {
diff --git a/src/cf/errors.go b/src/cf/errors.go
new file mode 100644
index 0000000..4a4c251
--- /dev/null
+++ b/src/cf/errors.go
@@ -0,0 +1,76 @@
+package cf
+
+import "fmt"
+
+type filepathError struct {
+ Path string
+ err error
+}
+
+// missingResourceError represents a resource lookup failure
+type missingResourceInputError struct {
+}
+
+func (e *missingResourceInputError) Error() string {
+ return "invalid input parameters"
+}
+
+func (m *filepathError) Error() string {
+ return fmt.Sprintf("not implemented %s as raised %v", m.Path, m.err)
+}
+
+type goformationError struct {
+ err error
+}
+
+func (m *goformationError) Error() string {
+ return fmt.Sprintf("goformation parse failure %v", m.err)
+}
+
+type parseVariablesError struct {
+ err error
+}
+
+func (m *parseVariablesError) Error() string {
+ return fmt.Sprintf("parse varriables failure %v", m.err)
+}
+
+type parseResourcesError struct {
+ err error
+}
+
+func (m *parseResourcesError) Error() string {
+ return fmt.Sprintf("parse resources failure %v", m.err)
+}
+
+type makeDirError struct {
+ err error
+}
+
+func (e *makeDirError) Error() string {
+ return fmt.Sprintf("mkdir failed %v", e.err)
+}
+
+type writeError struct {
+ destination string
+ err error
+}
+
+func (e *writeError) Error() string {
+ return fmt.Sprintf("write failed %s %v", e.destination, e.err)
+}
+
+type writeFileError struct {
+ destination string
+ err error
+}
+
+type emptyPathsError struct{}
+
+func (e emptyPathsError) Error() string {
+ return "paths cannot be empty"
+}
+
+func (e *writeFileError) Error() string {
+ return fmt.Sprintf("write file failed %s %v", e.destination, e.err)
+}
diff --git a/src/cf/errors_test.go b/src/cf/errors_test.go
new file mode 100644
index 0000000..e15988c
--- /dev/null
+++ b/src/cf/errors_test.go
@@ -0,0 +1,138 @@
+package cf
+
+import (
+ "errors"
+ "testing"
+)
+
+func TestFilepathError(t *testing.T) {
+ tests := []struct {
+ name string
+ path string
+ err error
+ expected string
+ }{
+ {
+ name: "basic error",
+ path: "/test/path",
+ err: errors.New("test error"),
+ expected: "not implemented /test/path as raised test error",
+ },
+ {
+ name: "empty path",
+ path: "",
+ err: errors.New("no path"),
+ expected: "not implemented as raised no path",
+ },
+ {
+ name: "nil error",
+ path: "/some/path",
+ err: nil,
+ expected: "not implemented /some/path as raised ",
+ },
+ }
+
+ for _, tt := range tests {
+ t.Run(tt.name, func(t *testing.T) {
+ fe := &filepathError{
+ Path: tt.path,
+ err: tt.err,
+ }
+ if got := fe.Error(); got != tt.expected {
+ t.Errorf("filepathError.Error() = %v, want %v", got, tt.expected)
+ }
+ })
+ }
+}
+
+func TestMissingResourceInputError(t *testing.T) {
+ err := &missingResourceInputError{}
+ expected := "invalid input parameters"
+ if got := err.Error(); got != expected {
+ t.Errorf("missingResourceInputError.Error() = %v, want %v", got, expected)
+ }
+}
+
+func TestGoformationError(t *testing.T) {
+ tests := []struct {
+ name string
+ err error
+ expected string
+ }{
+ {
+ name: "with error",
+ err: errors.New("formation failed"),
+ expected: "goformation parse failure formation failed",
+ },
+ {
+ name: "nil error",
+ err: nil,
+ expected: "goformation parse failure ",
+ },
+ }
+
+ for _, tt := range tests {
+ t.Run(tt.name, func(t *testing.T) {
+ ge := &goformationError{err: tt.err}
+ if got := ge.Error(); got != tt.expected {
+ t.Errorf("goformationError.Error() = %v, want %v", got, tt.expected)
+ }
+ })
+ }
+}
+
+func TestParseVariablesError(t *testing.T) {
+ tests := []struct {
+ name string
+ err error
+ expected string
+ }{
+ {
+ name: "with error",
+ err: errors.New("var parse failed"),
+ expected: "parse varriables failure var parse failed",
+ },
+ {
+ name: "nil error",
+ err: nil,
+ expected: "parse varriables failure ",
+ },
+ }
+
+ for _, tt := range tests {
+ t.Run(tt.name, func(t *testing.T) {
+ pe := &parseVariablesError{err: tt.err}
+ if got := pe.Error(); got != tt.expected {
+ t.Errorf("parseVariablesError.Error() = %v, want %v", got, tt.expected)
+ }
+ })
+ }
+}
+
+func TestParseResourcesError(t *testing.T) {
+ tests := []struct {
+ name string
+ err error
+ expected string
+ }{
+ {
+ name: "with error",
+ err: errors.New("resource parse failed"),
+ expected: "parse resources failure resource parse failed",
+ },
+ {
+ name: "nil error",
+ err: nil,
+ expected: "parse resources failure ",
+ },
+ }
+
+ for _, tt := range tests {
+ t.Run(tt.name, func(t *testing.T) {
+ pe := &parseResourcesError{err: tt.err}
+ if got := pe.Error(); got != tt.expected {
+ t.Errorf("parseResourcesError.Error() = %v, want %v", got, tt.expected)
+ }
+ })
+ }
+}
diff --git a/src/cf/lookup.go b/src/cf/lookup.go
index d47e716..ac9d196 100644
--- a/src/cf/lookup.go
+++ b/src/cf/lookup.go
@@ -10,8 +10,20 @@ import (
"github.com/rs/zerolog/log"
)
+type templateNewError struct {
+ Err error
+}
+
+func (e *templateNewError) Error() string {
+ return fmt.Sprintf("failed to create template %v", e.Err)
+}
+
// parseResources converts resource to Terraform.
func parseResources(resources cloudformation.Resources, funcMap tftemplate.FuncMap, destination string) error {
+ if resources == nil || funcMap == nil || destination == "" {
+ return &missingResourceInputError{}
+ }
+
for item, resource := range resources {
var output bytes.Buffer
@@ -22,7 +34,7 @@ func parseResources(resources cloudformation.Resources, funcMap tftemplate.FuncM
// needs to pivot on policy template from resource
tmpl, err := tftemplate.New("sato").Funcs(funcMap).Parse(string(myContent))
if err != nil {
- return fmt.Errorf("failed to template %w", err)
+ return &templateNewError{Err: err}
}
_ = tmpl.Execute(&output, M{
@@ -34,7 +46,7 @@ func parseResources(resources cloudformation.Resources, funcMap tftemplate.FuncM
ReplaceDependant(
ReplaceVariables(output.String())), destination, fmt.Sprint(ToTFName(myType), ".", strings.ToLower(item)))
if err != nil {
- return err
+ return &writeError{destination: destination, err: err}
}
}
@@ -44,133 +56,13 @@ func parseResources(resources cloudformation.Resources, funcMap tftemplate.FuncM
//goland:noinspection GoLinter
//nolint:funlen
func lookup(myType string) []byte {
- TFLookup := map[string]interface{}{
- "AWS::ApplicationAutoScaling::ScalableTarget": awsAppAutoscalingTarget,
- "AWS::ApplicationAutoScaling::ScalingPolicy": awsAppAutoscalingPolicy,
- "AWS::AutoScaling::AutoScalingGroup": awsAutoscalingGroup,
- "AWS::AutoScaling::LaunchConfiguration": awsLaunchConfiguration,
- "AWS::AutoScaling::LifecycleHook": awsAutoscalingLifecycleHook,
- "AWS::AutoScaling::ScalingPolicy": awsAutoscalingPolicy,
- "AWS::AutoScaling::ScheduledAction": awsAutoscalingSchedule,
- "AWS::Backup::BackupPlan": awsBackupPlan,
- "AWS::Backup::BackupSelection": awsBackupSelection,
- "AWS::Backup::BackupVault": awsBackupVault,
- "AWS::Cloud9::EnvironmentEC2": awsCloud9EnvironmentEc2,
- "AWS::CloudFormation::Stack": awsCloudformationStack,
- "AWS::CloudFront::CloudFrontOriginAccessIdentity": awsCloudfrontOriginAccessIdentity,
- "AWS::CloudFront::Distribution": awsCloudfrontDistribution,
- "AWS::CloudWatch::Alarm": awsCloudwatchMetricAlarm,
- "AWS::CloudWatch::Dashboard": awsCloudwatchDashboard,
- "AWS::CodeBuild::Project": awsCodebuildProject,
- "AWS::CodeCommit::Repository": awsCodecommitRepository,
- "AWS::CodePipeline::Pipeline": awsCodepipeline,
- "AWS::Config::ConfigRule": awsConfigConfigRule,
- "AWS::Config::ConfigurationRecorder": awsConfigConfigurationRecorder,
- "AWS::Config::DeliveryChannel": awsConfigDeliveryChannel,
- "AWS::DMS::Endpoint": awsDmsEndpoint,
- "AWS::DMS::ReplicationInstance": awsDmsReplicationinstance,
- "AWS::DMS::ReplicationSubnetGroup": awsDmsReplicationSubnetGroup,
- "AWS::DMS::ReplicationTask": awsDmsReplicationTask,
- "AWS::DirectoryService::MicrosoftAD": awsDirectoryServiceDirectory,
- "AWS::DynamoDB::Table": awsDynamodbTable,
- "AWS::EC2::DHCPOptions": awsVpcDhcpOptions,
- "AWS::EC2::EIP": awsEIP,
- "AWS::EC2::EIPAssociation": awsEipAssociation,
- "AWS::EC2::FlowLog": awsFlowLog,
- "AWS::EC2::Instance": awsInstance,
- "AWS::EC2::InternetGateway": awsInternetGateway,
- "AWS::EC2::LaunchTemplate": awsLaunchTemplate,
- "AWS::EC2::NatGateway": awsNatGateway,
- "AWS::EC2::NetworkAcl": awsNetworkACL,
- "AWS::EC2::NetworkAclEntry": awsNetworkACLRule,
- "AWS::EC2::NetworkInterface": awsNetworkInterface,
- "AWS::EC2::Route": awsRoute,
- "AWS::EC2::RouteTable": awsRouteTable,
- "AWS::EC2::SecurityGroup": awsSecurityGroup,
- "AWS::EC2::SecurityGroupEgress": awsSecurityGroupRuleEgress,
- "AWS::EC2::SecurityGroupIngress": awsSecurityGroupRuleIngress,
- "AWS::EC2::Subnet": awsSubnet,
- "AWS::EC2::SubnetNetworkAclAssociation": awsNetworkACLAssociation,
- "AWS::EC2::SubnetRouteTableAssociation": awsRouteTableAssociation,
- "AWS::EC2::VPC": awsVpc,
- "AWS::EC2::VPCDHCPOptionsAssociation": awsVpcDhcpOptionsAssociation,
- "AWS::EC2::VPCEndpoint": awsVpcEndpoint,
- "AWS::EC2::VPCGatewayAttachment": awsVpnGatewayAttachment,
- "AWS::EC2::Volume": awsEbsVolume,
- "AWS::ECS::Cluster": awsEcsCluster,
- "AWS::ECS::Service": awsEcsService,
- "AWS::ECS::TaskDefinition": awsEcsTaskDefinition,
- "AWS::EFS::FileSystem": awsEfsFileSystem,
- "AWS::EFS::MountTarget": awsEfsMountTarget,
- "AWS::EKS::Cluster": awsEksCluster,
- "AWS::EKS::Nodegroup": awsEksNodeGroup,
- "AWS::ElastiCache::ParameterGroup": awsElasticacheParameterGroup,
- "AWS::ElastiCache::ReplicationGroup": awsElasticacheReplicationGroup,
- "AWS::ElastiCache::SubnetGroup": awsElasticacheSubnetGroup,
- "AWS::ElasticLoadBalancing::LoadBalancer": awsElb,
- "AWS::ElasticLoadBalancingV2::Listener": awsLbListener,
- "AWS::ElasticLoadBalancingV2::ListenerRule": awsLbListenerRule,
- "AWS::ElasticLoadBalancingV2::LoadBalancer": awsLb,
- "AWS::ElasticLoadBalancingV2::TargetGroup": awsLbTargetGroup,
- "AWS::Events::Rule": awsCloudwatchEventRule,
- "AWS::IAM::AccessKey": awsIamAccessKey,
- "AWS::IAM::Group": awsIamGroup,
- "AWS::IAM::InstanceProfile": awsIamInstanceProfile,
- "AWS::IAM::ManagedPolicy": awsIamManagedPolicy,
- "AWS::IAM::Policy": awsIamPolicy,
- "AWS::IAM::Role": awsIamRole,
- "AWS::IAM::User": awsIamUser,
- "AWS::IAM::UserToGroupAddition": awsIamGroupMembership,
- "AWS::KinesisFirehose::DeliveryStream": awsKinesisFirehoseDeliveryStream,
- "AWS::KMS::Alias": awskmsAlias,
- "AWS::KMS::Key": awsKmsKey,
- "AWS::Lambda::EventSourceMapping": awsLambdaEventSourceMapping,
- "AWS::Lambda::Function": awsLambdaFunction,
- "AWS::Lambda::Permission": awsLambdaPermission,
- "AWS::Lambda::Version": awsLambdaVersion,
- "AWS::Logs::LogGroup": awsCloudwatchLogGroup,
- "AWS::Logs::MetricFilter": awsCloudwatchLogMetricFilter,
- "AWS::Neptune::DBCluster": awsNeptuneCluster,
- "AWS::Neptune::DBClusterParameterGroup": awsNeptuneClusterDBParameterGroup,
- "AWS::Neptune::DBInstance": awsNeptuneDBInstance,
- "AWS::Neptune::DBParameterGroup": awsNeptuneDBParameterGroup,
- "AWS::Neptune::DBSubnetGroup": awsNeptuneDnSubnetGroup,
- "AWS::RDS::DBCluster": awsRdsCluster,
- "AWS::RDS::DBClusterParameterGroup": awsDBParameterGroup,
- "AWS::RDS::DBInstance": awsDBInstance,
- "AWS::RDS::DBParameterGroup": awsDBParameterGroup,
- "AWS::RDS::DBSubnetGroup": awsDBSubnetGroup,
- "AWS::Route53::RecordSet": awsRoute53Record,
- "AWS::S3::Bucket": awsS3Bucket,
- "AWS::S3::BucketPolicy": awsS3BucketPolicy,
- "AWS::SNS::Subscription": awsSNSSubscription,
- "AWS::SNS::Topic": awsSNSTopic,
- "AWS::SNS::TopicPolicy": awsSNSTopicPolicy,
- "AWS::SQS::Queue": awsSqsQueue,
- "AWS::SSM::Association": awsSsmAssociation,
- "AWS::SSM::Document": awsSsmDocument,
- "AWS::SSM::MaintenanceWindow": awsSsmMaintenanceWindow,
- "AWS::SSM::MaintenanceWindowTarget": awsSsmMaintenanceWindowTarget,
- "AWS::SSM::MaintenanceWindowTask": awsSsmMaintenanceWindowTask,
- "AWS::SecretsManager::Secret": awsSecretsManagerSecret,
- "AWS::ServiceCatalog::Portfolio": awsServiceCatalogPortfolio,
- "AWS::ServiceCatalog::PortfolioProductAssociation": awsServiceCatalogProductPortfolioAssociation,
- "AWS::ServiceCatalog::PortfolioShare": awsServiceCatalogPortfolioShare,
- "AWS::ServiceCatalog::TagOption": awsServiceCatalogTagOption,
- "AWS::ServiceCatalog::TagOptionAssociation": awsServiceCatalogTagOptionAssociation,
- "AWS::ServiceDiscovery::Service": awsServiceDiscoveryService,
- "AWS::StepFunctions::StateMachine": awsStepfunctionStateMachine,
- "AWS::WAFv2::WebACLAssociation": awsWAFv2WebACLAssociation,
- "AWS::Athena::WorkGroup": awsAthenaWorkGroup,
- "AWS::Athena::NamedQuery": awsAthenaNamedQuery,
- }
var myContent []byte
var ok bool
- if TFLookup[myType] != nil {
- myContent, ok = TFLookup[myType].([]byte)
+ if tfLookup[myType] != nil {
+ myContent, ok = tfLookup[myType].([]byte)
if !ok {
log.Warn().Msg("failed to cast to []byte")
}
diff --git a/src/cf/lookup_test.go b/src/cf/lookup_test.go
index 5fb1980..c4de8e8 100644
--- a/src/cf/lookup_test.go
+++ b/src/cf/lookup_test.go
@@ -58,7 +58,7 @@ func TestParseResources(t *testing.T) {
{"Parsed", args{
resources: cloudFormation.Resources,
funcMap: funcMap,
- destination: "",
+ destination: ".",
}, false},
{"empty function map", args{
resources: cloudFormation.Resources,
diff --git a/src/cf/parse.go b/src/cf/parse.go
index 9990e7d..f66701c 100644
--- a/src/cf/parse.go
+++ b/src/cf/parse.go
@@ -40,28 +40,43 @@ type Output struct {
Name string
}
-type filepathError struct {
- Path string
-}
-
-func (m *filepathError) Error() string {
- return fmt.Sprintf("not implemented %s", m.Path)
-}
-
-type goformationError struct {
- err error
-}
-
-func (m *goformationError) Error() string {
- return fmt.Sprintf("goformation parse failure %v", m.err)
+var funcMap = template.FuncMap{
+ "Array": Array,
+ "ArrayReplace": ArrayReplace,
+ "Contains": Contains,
+ "Sprint": Sprint,
+ "Decode64": Decode64,
+ "Boolean": Boolean,
+ "Dequote": Dequote,
+ "Quote": Quote,
+ "Demap": Demap,
+ "ToUpper": strings.ToUpper,
+ "ToLower": Lower,
+ "Deref": func(str *string) string { return *str },
+ "Nil": Nill,
+ "Nild": Nild,
+ "Marshal": Marshal,
+ "Split": Split,
+ "SplitOn": SplitOn,
+ "Replace": Replace,
+ "Tags": Tags,
+ "RandomString": RandomString,
+ "Map": Map,
+ "Snake": Snake,
+ "Kebab": Kebab,
+ "ZipFile": Zipfile,
}
// Parse turn CFN into Terraform.
func Parse(file string, destination string) error {
+ if file == "" || destination == "" {
+ return &emptyPathsError{}
+ }
+
// Open a cloudFormation from file (can be JSON or YAML)
fileAbs, err := filepath.Abs(file)
if err != nil {
- return &filepathError{Path: file}
+ return &filepathError{Path: file, err: err}
}
cloudFormation, err := goformation.Open(fileAbs)
@@ -69,41 +84,15 @@ func Parse(file string, destination string) error {
return &goformationError{err: err}
}
- funcMap := template.FuncMap{
- "Array": Array,
- "ArrayReplace": ArrayReplace,
- "Contains": Contains,
- "Sprint": Sprint,
- "Decode64": Decode64,
- "Boolean": Boolean,
- "Dequote": Dequote,
- "Quote": Quote,
- "Demap": Demap,
- "ToUpper": strings.ToUpper,
- "ToLower": Lower,
- "Deref": func(str *string) string { return *str },
- "Nil": Nill,
- "Nild": Nild,
- "Marshal": Marshal,
- "Split": Split,
- "SplitOn": SplitOn,
- "Replace": Replace,
- "Tags": Tags,
- "RandomString": RandomString,
- "Map": Map,
- "Snake": Snake,
- "Kebab": Kebab,
- "ZipFile": Zipfile,
- }
_, err = ParseVariables(cloudFormation, funcMap, destination)
if err != nil {
- return err
+ return &parseVariablesError{err: err}
}
err = parseResources(cloudFormation.Resources, funcMap, destination)
if err != nil {
- return err
+ return &parseResourcesError{err: err}
}
return nil
@@ -135,7 +124,7 @@ func ParseVariables(
tmpl, err := template.New("test").Funcs(funcMap).Parse(string(variableFile))
if err != nil {
- return nil, fmt.Errorf("template fail %w", err)
+ return nil, &templateNewError{Err: err}
}
_ = tmpl.Execute(&output, M{
@@ -150,12 +139,12 @@ func ParseVariables(
err := Write(All, destination, "variables")
if err != nil {
- return nil, err
+ return nil, &writeError{destination: destination, err: err}
}
err = Write(strings.Join(DataResources, "\n"), destination, "data")
if err != nil {
- return nil, err
+ return nil, &writeError{destination: destination, err: err}
}
return myVariables, nil
@@ -281,7 +270,7 @@ func Write(output string, location string, name string) error {
newPath, _ := filepath.Abs(location)
err := os.MkdirAll(newPath, os.ModePerm)
if err != nil {
- return fmt.Errorf("mkdir failed %w", err)
+ return &makeDirError{err}
}
d1 := []byte(output)
@@ -291,7 +280,7 @@ func Write(output string, location string, name string) error {
log.Info().Msgf("Created %s", destination)
if err != nil {
- return err
+ return &writeFileError{destination: destination, err: err}
}
}
diff --git a/src/cf/resource_mapping.go b/src/cf/resource_mapping.go
new file mode 100644
index 0000000..5b46c06
--- /dev/null
+++ b/src/cf/resource_mapping.go
@@ -0,0 +1,122 @@
+package cf
+
+var tfLookup = map[string]interface{}{
+ "AWS::ApplicationAutoScaling::ScalableTarget": awsAppAutoscalingTarget,
+ "AWS::ApplicationAutoScaling::ScalingPolicy": awsAppAutoscalingPolicy,
+ "AWS::AutoScaling::AutoScalingGroup": awsAutoscalingGroup,
+ "AWS::AutoScaling::LaunchConfiguration": awsLaunchConfiguration,
+ "AWS::AutoScaling::LifecycleHook": awsAutoscalingLifecycleHook,
+ "AWS::AutoScaling::ScalingPolicy": awsAutoscalingPolicy,
+ "AWS::AutoScaling::ScheduledAction": awsAutoscalingSchedule,
+ "AWS::Backup::BackupPlan": awsBackupPlan,
+ "AWS::Backup::BackupSelection": awsBackupSelection,
+ "AWS::Backup::BackupVault": awsBackupVault,
+ "AWS::Cloud9::EnvironmentEC2": awsCloud9EnvironmentEc2,
+ "AWS::CloudFormation::Stack": awsCloudformationStack,
+ "AWS::CloudFront::CloudFrontOriginAccessIdentity": awsCloudfrontOriginAccessIdentity,
+ "AWS::CloudFront::Distribution": awsCloudfrontDistribution,
+ "AWS::CloudWatch::Alarm": awsCloudwatchMetricAlarm,
+ "AWS::CloudWatch::Dashboard": awsCloudwatchDashboard,
+ "AWS::CodeBuild::Project": awsCodebuildProject,
+ "AWS::CodeCommit::Repository": awsCodecommitRepository,
+ "AWS::CodePipeline::Pipeline": awsCodepipeline,
+ "AWS::Config::ConfigRule": awsConfigConfigRule,
+ "AWS::Config::ConfigurationRecorder": awsConfigConfigurationRecorder,
+ "AWS::Config::DeliveryChannel": awsConfigDeliveryChannel,
+ "AWS::DMS::Endpoint": awsDmsEndpoint,
+ "AWS::DMS::ReplicationInstance": awsDmsReplicationinstance,
+ "AWS::DMS::ReplicationSubnetGroup": awsDmsReplicationSubnetGroup,
+ "AWS::DMS::ReplicationTask": awsDmsReplicationTask,
+ "AWS::DirectoryService::MicrosoftAD": awsDirectoryServiceDirectory,
+ "AWS::DynamoDB::Table": awsDynamodbTable,
+ "AWS::EC2::DHCPOptions": awsVpcDhcpOptions,
+ "AWS::EC2::EIP": awsEIP,
+ "AWS::EC2::EIPAssociation": awsEipAssociation,
+ "AWS::EC2::FlowLog": awsFlowLog,
+ "AWS::EC2::Instance": awsInstance,
+ "AWS::EC2::InternetGateway": awsInternetGateway,
+ "AWS::EC2::LaunchTemplate": awsLaunchTemplate,
+ "AWS::EC2::NatGateway": awsNatGateway,
+ "AWS::EC2::NetworkAcl": awsNetworkACL,
+ "AWS::EC2::NetworkAclEntry": awsNetworkACLRule,
+ "AWS::EC2::NetworkInterface": awsNetworkInterface,
+ "AWS::EC2::Route": awsRoute,
+ "AWS::EC2::RouteTable": awsRouteTable,
+ "AWS::EC2::SecurityGroup": awsSecurityGroup,
+ "AWS::EC2::SecurityGroupEgress": awsSecurityGroupRuleEgress,
+ "AWS::EC2::SecurityGroupIngress": awsSecurityGroupRuleIngress,
+ "AWS::EC2::Subnet": awsSubnet,
+ "AWS::EC2::SubnetNetworkAclAssociation": awsNetworkACLAssociation,
+ "AWS::EC2::SubnetRouteTableAssociation": awsRouteTableAssociation,
+ "AWS::EC2::VPC": awsVpc,
+ "AWS::EC2::VPCDHCPOptionsAssociation": awsVpcDhcpOptionsAssociation,
+ "AWS::EC2::VPCEndpoint": awsVpcEndpoint,
+ "AWS::EC2::VPCGatewayAttachment": awsVpnGatewayAttachment,
+ "AWS::EC2::Volume": awsEbsVolume,
+ "AWS::ECS::Cluster": awsEcsCluster,
+ "AWS::ECS::Service": awsEcsService,
+ "AWS::ECS::TaskDefinition": awsEcsTaskDefinition,
+ "AWS::EFS::FileSystem": awsEfsFileSystem,
+ "AWS::EFS::MountTarget": awsEfsMountTarget,
+ "AWS::EKS::Cluster": awsEksCluster,
+ "AWS::EKS::Nodegroup": awsEksNodeGroup,
+ "AWS::ElastiCache::ParameterGroup": awsElasticacheParameterGroup,
+ "AWS::ElastiCache::ReplicationGroup": awsElasticacheReplicationGroup,
+ "AWS::ElastiCache::SubnetGroup": awsElasticacheSubnetGroup,
+ "AWS::ElasticLoadBalancing::LoadBalancer": awsElb,
+ "AWS::ElasticLoadBalancingV2::Listener": awsLbListener,
+ "AWS::ElasticLoadBalancingV2::ListenerRule": awsLbListenerRule,
+ "AWS::ElasticLoadBalancingV2::LoadBalancer": awsLb,
+ "AWS::ElasticLoadBalancingV2::TargetGroup": awsLbTargetGroup,
+ "AWS::Events::Rule": awsCloudwatchEventRule,
+ "AWS::IAM::AccessKey": awsIamAccessKey,
+ "AWS::IAM::Group": awsIamGroup,
+ "AWS::IAM::InstanceProfile": awsIamInstanceProfile,
+ "AWS::IAM::ManagedPolicy": awsIamManagedPolicy,
+ "AWS::IAM::Policy": awsIamPolicy,
+ "AWS::IAM::Role": awsIamRole,
+ "AWS::IAM::User": awsIamUser,
+ "AWS::IAM::UserToGroupAddition": awsIamGroupMembership,
+ "AWS::KinesisFirehose::DeliveryStream": awsKinesisFirehoseDeliveryStream,
+ "AWS::KMS::Alias": awskmsAlias,
+ "AWS::KMS::Key": awsKmsKey,
+ "AWS::Lambda::EventSourceMapping": awsLambdaEventSourceMapping,
+ "AWS::Lambda::Function": awsLambdaFunction,
+ "AWS::Lambda::Permission": awsLambdaPermission,
+ "AWS::Lambda::Version": awsLambdaVersion,
+ "AWS::Logs::LogGroup": awsCloudwatchLogGroup,
+ "AWS::Logs::MetricFilter": awsCloudwatchLogMetricFilter,
+ "AWS::Neptune::DBCluster": awsNeptuneCluster,
+ "AWS::Neptune::DBClusterParameterGroup": awsNeptuneClusterDBParameterGroup,
+ "AWS::Neptune::DBInstance": awsNeptuneDBInstance,
+ "AWS::Neptune::DBParameterGroup": awsNeptuneDBParameterGroup,
+ "AWS::Neptune::DBSubnetGroup": awsNeptuneDnSubnetGroup,
+ "AWS::RDS::DBCluster": awsRdsCluster,
+ "AWS::RDS::DBClusterParameterGroup": awsDBParameterGroup,
+ "AWS::RDS::DBInstance": awsDBInstance,
+ "AWS::RDS::DBParameterGroup": awsDBParameterGroup,
+ "AWS::RDS::DBSubnetGroup": awsDBSubnetGroup,
+ "AWS::Route53::RecordSet": awsRoute53Record,
+ "AWS::S3::Bucket": awsS3Bucket,
+ "AWS::S3::BucketPolicy": awsS3BucketPolicy,
+ "AWS::SNS::Subscription": awsSNSSubscription,
+ "AWS::SNS::Topic": awsSNSTopic,
+ "AWS::SNS::TopicPolicy": awsSNSTopicPolicy,
+ "AWS::SQS::Queue": awsSqsQueue,
+ "AWS::SSM::Association": awsSsmAssociation,
+ "AWS::SSM::Document": awsSsmDocument,
+ "AWS::SSM::MaintenanceWindow": awsSsmMaintenanceWindow,
+ "AWS::SSM::MaintenanceWindowTarget": awsSsmMaintenanceWindowTarget,
+ "AWS::SSM::MaintenanceWindowTask": awsSsmMaintenanceWindowTask,
+ "AWS::SecretsManager::Secret": awsSecretsManagerSecret,
+ "AWS::ServiceCatalog::Portfolio": awsServiceCatalogPortfolio,
+ "AWS::ServiceCatalog::PortfolioProductAssociation": awsServiceCatalogProductPortfolioAssociation,
+ "AWS::ServiceCatalog::PortfolioShare": awsServiceCatalogPortfolioShare,
+ "AWS::ServiceCatalog::TagOption": awsServiceCatalogTagOption,
+ "AWS::ServiceCatalog::TagOptionAssociation": awsServiceCatalogTagOptionAssociation,
+ "AWS::ServiceDiscovery::Service": awsServiceDiscoveryService,
+ "AWS::StepFunctions::StateMachine": awsStepfunctionStateMachine,
+ "AWS::WAFv2::WebACLAssociation": awsWAFv2WebACLAssociation,
+ "AWS::Athena::WorkGroup": awsAthenaWorkGroup,
+ "AWS::Athena::NamedQuery": awsAthenaNamedQuery,
+}
diff --git a/src/see/lookup.go b/src/see/lookup.go
index 9e8df4f..4caac47 100644
--- a/src/see/lookup.go
+++ b/src/see/lookup.go
@@ -5,6 +5,9 @@ import (
"strings"
)
+const none string = "none"
+
+// missingResourceError represents a resource lookup failure
type missingResourceError struct {
Resource string
}
@@ -15,1361 +18,32 @@ func (e *missingResourceError) Error() string {
// Lookup converts from cloudformation/ARM to terraform resource name.
func Lookup(resource string, reverse bool) (*string, error) {
- var result string
-
- //goland:noinspection GoLinter
- Lookup := map[string]string{
- "alexa::ask::skill": "",
- "aws::accessanalyzer::analyzer": "aws_accessanalyzer_analyzer",
- "aws::acmpca::certificate": "aws_acmpca_certificate",
- "aws::acmpca::certificateauthority": "aws_acmpca_certificate_authority",
- "aws::acmpca::certificateauthorityactivation": "",
- "aws::acmpca::permission": "aws_acmpca_permission",
- "aws::amazonmq::broker": "aws_mq_broker",
- "aws::amazonmq::configuration": "aws_mq_configuration",
- "aws::amazonmq::configurationassociation": "aws_mq_broker",
- "aws::amplify::app": "aws_amplify_app",
- "aws::amplify::branch": "aws_amplify_branch",
- "aws::amplify::domain": "aws_amplify_domain",
- "aws::amplifyuibuilder::Component": "",
- "aws::amplifyuibuilder::Form": "",
- "aws::amplifyuibuilder::Theme": "",
- "aws::apigateway::account": "aws_api_gateway_account",
- "aws::apigateway::apikey": "aws_api_gateway_api_key",
- "aws::apigateway::authorizer": "aws_api_gateway_authorizer",
- "aws::apigateway::basepathmapping": "aws_api_gateway_base_path_mapping",
- "aws::apigateway::clientcertificate": "aws_api_gateway_client_certificate",
- "aws::apigateway::deployment": "aws_api_gateway_deployment",
- "aws::apigateway::documentationpart": "aws_api_gateway_documentation_part",
- "aws::apigateway::documentationversion": "aws_api_gateway_documentation_version",
- "aws::apigateway::domainname": "aws_api_gateway_domain_name",
- "aws::apigateway::gatewayresponse": "aws_api_gateway_gateway_response",
- "aws::apigateway::method": "aws_api_gateway_method",
- "aws::apigateway::model": "aws_api_gateway_model",
- "aws::apigateway::requestvalidator": "aws_api_gateway_request_validator",
- "aws::apigateway::resource": "aws_api_gateway_resource",
- "aws::apigateway::restapi": "aws_api_gateway_rest_api",
- "aws::apigateway::stage": "aws_api_gateway_stage",
- "aws::apigateway::stagekey": "",
- "aws::apigateway::usageplan": "aws_api_gateway_usage_plan",
- "aws::apigateway::usageplankey": "aws_api_gateway_usage_plan_key",
- "aws::apigateway::vpclink": "aws_api_gateway_vpc_link",
- "aws::apigatewayv2::api": "aws_apigatewayv2_api",
- "aws::apigatewayv2::apigatewaymanagedoverrides": "",
- "aws::apigatewayv2::apimapping": "aws_apigatewayv2_api_mapping",
- "aws::apigatewayv2::authorizer": "aws_apigatewayv2_authorizer",
- "aws::apigatewayv2::deployment": "aws_apigatewayv2_deployment",
- "aws::apigatewayv2::domainname": "aws_apigatewayv2_domain_name",
- "aws::apigatewayv2::integration": "aws_apigatewayv2_integration",
- "aws::apigatewayv2::integrationresponse": "aws_apigatewayv2_integration_response",
- "aws::apigatewayv2::model": "aws_apigatewayv2_model",
- "aws::apigatewayv2::route": "aws_apigatewayv2_route",
- "aws::apigatewayv2::routeresponse": "aws_apigatewayv2_route_response",
- "aws::apigatewayv2::stage": "aws_apigatewayv2_stage",
- "aws::apigatewayv2::vpclink": "aws_apigatewayv2_vpc_link",
- "aws::appconfig::application": "aws_appconfig_application",
- "aws::appconfig::configurationprofile": "aws_appconfig_configuration_profile",
- "aws::appconfig::deployment": "aws_appconfig_deployment",
- "aws::appconfig::deploymentstrategy": "aws_appconfig_deployment_strategy",
- "aws::appconfig::environment": "aws_appconfig_environment",
- "aws::appconfig::extension": "aws_appconfig_extension",
- "aws::appconfig::extensionassociation": "aws_appconfig_extension_association",
- "aws::appconfig::hostedconfigurationversion": "aws_appconfig_hosted_configuration_version",
- "aws::appflow::connector": "",
- "aws::appflow::connectorprofile": "aws_appflow_connector_profile",
- "aws::appflow::flow": "aws_appflow_flow",
- "aws::appintegrations::application": "",
- "aws::appintegrations::dataintegration": "aws_appintegrations_data_integration",
- "aws::appintegrations::eventintegration": "aws_appintegrations_event_integration",
- "aws::applicationautoscaling::scalabletarget": "aws_appautoscaling_target",
- "aws::applicationautoscaling::scalingpolicy": "aws_appAutoscaling_policy",
- "aws::appmesh::gatewayroute": "aws_appmesh_gateway_route",
- "aws::appmesh::mesh": "aws_appmesh_mesh",
- "aws::appmesh::route": "aws_appmesh_route",
- "aws::appmesh::virtualnode": "aws_appmesh_virtual_node",
- "aws::appmesh::virtualrouter": "aws_appmesh_virtual_router",
- "aws::appmesh::virtualservice": "aws_appmesh_virtual_service",
- "aws::apprunner::autoscalingconfiguration": "aws_apprunner_auto_scaling_configuration_version",
- "aws::apprunner::observabilityconfiguration": "aws_apprunner_observability_configuration",
- "aws::apprunner::service": "aws_apprunner_service",
- "aws::apprunner::vpcconnector": "aws_apprunner_vpc_connector",
- "aws::apprunner::vpcingressconnection": "aws_apprunner_vpc_ingress_connection",
- "aws::appstream::appblock": "",
- "aws::appstream::appblockbuilder": "",
- "aws::appstream::application": "",
- "aws::appstream::applicationentitlementassociation": "",
- "aws::appstream::applicationfleetassociation": "",
- "aws::appstream::directoryconfig": "",
- "aws::appstream::entitlement": "",
- "aws::appstream::fleet": "aws_appstream_fleet",
- "aws::appstream::imagebuilder": "aws_appstream_image_builder",
- "aws::appstream::stack": "aws_appstream_stack",
- "aws::appstream::stackfleetassociation": "aws_appstream_fleet_stack_association",
- "aws::appstream::stackuserassociation": "aws_appstream_user_stack_association",
- "aws::appstream::user": "aws_appstream_user",
- "aws::appsync::apicache": "aws_appsync_api_cache",
- "aws::appsync::apikey": "aws_appsync_api_key",
- "aws::appsync::datasource": "aws_appsync_datasource",
- "aws::appsync::domainname": "aws_appsync_domain_name",
- "aws::appsync::domainnameapiassociation": "aws_appsync_domain_name_api_association",
- "aws::appsync::functionconfiguration": "aws_appsync_function",
- "aws::appsync::graphqlapi": "aws_appsync_graphql_api",
- "aws::appsync::graphqlschema": "",
- "aws::appsync::resolver": "aws_appsync_resolver",
- "aws::appsync::sourceapiassociation": "aws_appsync_resolver_api_association",
- "aws::apptest::testcase": "",
- "aws::aps::rulegroupsnamespace": "",
- "aws::aps::scraper": "",
- "aws::aps::workspace": "",
- "aws::arczonalshift::autoshiftobservernotificationstatus": "",
- "aws::arczonalshift::zonalautoshiftconfiguration": "",
- "aws::athena::capacityreservation": "",
- "aws::athena::datacatalog": "aws_athena_data_catalog",
- "aws::athena::namedquery": "aws_athena_named_query",
- "aws::athena::preparedstatement": "aws_athena_prepared_statement",
- "aws::athena::workgroup": "aws_athena_workgroup",
- "aws::auditmanager::assessment": "aws_auditmanager_assessment",
- "aws::autoscaling::autoscalinggroup": "aws_autoscaling_group",
- "aws::autoscaling::launchconfiguration": "aws_launch_configuration",
- "aws::autoscaling::lifecyclehook": "aws_autoscaling_lifecycle_hook",
- "aws::autoscaling::scalingpolicy": "aws_autoscaling_policy",
- "aws::autoscaling::scheduledaction": "aws_autoscaling_schedule",
- "aws::autoscaling::warmpool": "",
- "aws::autoscalingplans::scalingplan": "aws_autoscalingplans_scaling_plan",
- "aws::b2bi::capability": "",
- "aws::b2bi::partnership": "",
- "aws::b2bi::profile": "",
- "aws::b2bi::transformer": "",
- "aws::backup::backupplan": "aws_backup_plan",
- "aws::backup::backupselection": "aws_backup_selection",
- "aws::backup::backupvault": "aws_backup_vault",
- "aws::backup::framework": "aws_backup_framework",
- "aws::backup::reportplan": "aws_backup_report_plan",
- "aws::backup::restoretestingplan": "",
- "aws::backup::restoretestingselection": "",
- "aws::backupgateway::hypervisor": "",
- "aws::batch::computeenvironment": "aws_batch_compute_environment",
- "aws::batch::jobdefinition": "aws_batch_job_definition",
- "aws::batch::jobqueue": "aws_batch_job_queue",
- "aws::batch::schedulingpolicy": "aws_batch_scheduling_policy",
- "aws::bcmdataexports::export": "aws_bcmdataexports_export",
- "aws::bedrock::agent": "aws_bedrockagent_agent",
- "aws::bedrock::agentalias": "aws_bedrockagent_agent_alias",
- "aws::bedrock::datasource": "aws_bedrockagent_data_source",
- "aws::bedrock::flow": "",
- "aws::bedrock::flowalias": "",
- "aws::bedrock::flowversion": "",
- "aws::bedrock::guardrail": "",
- "aws::bedrock::guardrailversion": "",
- "aws::bedrock::knowledgebase": "aws_bedrockagent_knowledge_base",
- "aws::bedrock::prompt": "",
- "aws::bedrock::promptversion": "",
- "aws::billingconductor::billinggroup": "",
- "aws::billingconductor::customlineitem": "",
- "aws::billingconductor::pricingplan": "",
- "aws::billingconductor::pricingrule": "",
- "aws::budgets::budget": "aws_budgets_budget",
- "aws::budgets::budgetsaction": "aws_budgets_budget_action",
- "aws::cassandra::keyspace": "aws_keyspaces_keyspace",
- "aws::cassandra::table": "aws_keyspaces_table",
- "aws::ce::anomalymonitor": "aws_ce_anomaly_monitor",
- "aws::ce::anomalysubscription": "aws_ce_anomaly_subscription",
- "aws::ce::costcategory": "aws_ce_cost_category",
- "aws::certificatemanager::account": "",
- "aws::certificatemanager::certificate": "aws_acm_certificate",
- "aws::chatbot::microsoftteamschannelconfiguration": "aws_chatbot_teams_channel_configuration",
- "aws::chatbot::slackchannelconfiguration": "aws_chatbot_slack_channel_configuration",
- "aws::cleanrooms::analysistemplate": "",
- "aws::cleanrooms::collaboration": "aws_cleanrooms_collaboration",
- "aws::cleanrooms::configuredtable": "aws_cleanrooms_configured_table",
- "aws::cleanrooms::configuredtableassociation": "",
- "aws::cleanrooms::membership": "",
- "aws::cleanrooms::privacybudgettemplate": "",
- "aws::cleanroomsml::trainingdataset": "",
- "aws::cloud9::environmentec2": "aws_cloud9_environment_ec2",
- "aws::cloudformation::customresource": "",
- "aws::cloudformation::hookdefaultversion": "",
- "aws::cloudformation::hooktypeconfig": "",
- "aws::cloudformation::hookversion": "",
- "aws::cloudformation::macro": "",
- "aws::cloudformation::moduledefaultversion": "",
- "aws::cloudformation::moduleversion": "",
- "aws::cloudformation::publictypeversion": "",
- "aws::cloudformation::publisher": "",
- "aws::cloudformation::resourcedefaultversion": "",
- "aws::cloudformation::resourceversion": "",
- "aws::cloudformation::stack": "aws_cloudformation_stack",
- "aws::cloudformation::stackset": "aws_cloudformation_stack_set",
- "aws::cloudformation::typeactivation": "",
- "aws::cloudformation::waitcondition": "",
- "aws::cloudformation::waitconditionhandle": "",
- "aws::cloudfront::cachepolicy": "aws_cloudfront_cache_policy",
- "aws::cloudfront::cloudFrontOriginAccessIdentity": "aws_cloudfront_origin_access_identity",
- "aws::cloudfront::continuousdeploymentpolicy": "aws_cloudfront_continuous_deployment_policy",
- "aws::cloudfront::distribution": "aws_cloudfront_distribution",
- "aws::cloudfront::function": "aws_cloudfront_function",
- "aws::cloudfront::keygroup": "aws_cloudfront_key_group",
- "aws::cloudfront::keyvaluestore": "aws_cloudfront_key_value_store",
- "aws::cloudfront::monitoringsubscription": "aws_cloudfront_monitoring_subscription",
- "aws::cloudfront::originaccesscontrol": "aws_cloudfront_origin_access_control",
- "aws::cloudfront::originrequestpolicy": "aws_cloudfront_origin_request_policy",
- "aws::cloudfront::publickey": "aws_cloudfront_public_key",
- "aws::cloudfront::realtimelogconfig": "aws_cloudfront_realtime_log_config",
- "aws::cloudfront::responseheaderspolicy": "aws_cloudfront_response_headers_policy",
- "aws::cloudfront::streamingdistribution": "",
- "aws::cloudtrail::channel": "",
- "aws::cloudtrail::eventdatastore": "aws_cloudtrail_event_data_store",
- "aws::cloudtrail::resourcepolicy": "",
- "aws::cloudtrail::trail": "",
- "aws::cloudwatch::alarm": "aws_cloudwatch_metric_alarm",
- "aws::cloudwatch::anomalydetector": "",
- "aws::cloudwatch::compositealarm": "aws_cloudwatch_composite_alarm",
- "aws::cloudwatch::dashboard": "aws_cloudwatch_dashboard",
- "aws::cloudwatch::insightrule": "",
- "aws::cloudwatch::metricstream": "aws_cloudwatch_metric_stream",
- "aws::codeartifact::domain": "aws_codeartifact_domain",
- "aws::codeartifact::packagegroup": "",
- "aws::codeartifact::repository": "aws_codeartifact_repository",
- "aws::codebuild::fleet": "",
- "aws::codebuild::project": "aws_codebuild_project",
- "aws::codebuild::reportgroup": "aws_codebuild_report_group",
- "aws::codebuild::sourcecredential": "aws_codebuild_source_credential",
- "aws::codecommit::repository": "aws_codecommit_repository",
- "aws::codeconnections::connection": "",
- "aws::codedeploy::application": "aws_codedeploy_app",
- "aws::codedeploy::deploymentconfig": "aws_codedeploy_deployment_config",
- "aws::codedeploy::deploymentgroup": "aws_codedeploy_deployment_group",
- "aws::codeguruprofiler::profilinggroup": "aws_codeguruprofiler_profiling_group",
- "aws::codegurureviewer::repositoryassociation": "aws_codegurureviewer_repository_association",
- "aws::codepipeline::customactiontype": "aws_codepipeline_custom_action_type",
- "aws::codepipeline::pipeline": "aws_codepipeline",
- "aws::codepipeline::webhook": "aws_codepipeline_webhook",
- "aws::codestar::githubrepository": "",
- "aws::codestarconnections::connection": "aws_codestarconnections_connection",
- "aws::codestarconnections::repositorylink": "",
- "aws::codestarconnections::syncconfiguration": "",
- "aws::codestarnotifications::notificationrule": "aws_codestarnotifications_notification_rule",
- "aws::cognito::identitypool": "aws_cognito_identity_pool",
- "aws::cognito::identitypoolprincipaltag": "aws_cognito_identity_pool_provider_principal_tag",
- "aws::cognito::identitypoolroleattachment": "aws_cognito_identity_pool_roles_attachment",
- "aws::cognito::logdeliveryconfiguration": "",
- "aws::cognito::userpool": "aws_cognito_user_pool",
- "aws::cognito::userpoolclient": "aws_cognito_user_pool_client",
- "aws::cognito::userpooldomain": "aws_cognito_user_pool_domain",
- "aws::cognito::userpoolgroup": "",
- "aws::cognito::userpoolidentityprovider": "aws_cognito_identity_provider",
- "aws::cognito::userpoolresourceserver": "aws_cognito_resource_server",
- "aws::cognito::userpoolriskconfigurationattachment": "",
- "aws::cognito::userpooluicustomizationattachment": "aws_cognito_user_pool_ui_customization",
- "aws::cognito::userpooluser": "",
- "aws::cognito::userpoolusertogroupattachment": "",
- "aws::comprehend::documentclassifier": "aws_comprehend_document_classifier",
- "aws::comprehend::flywheel": "",
- "aws::config::aggregationauthorization": "aws_config_aggregate_authorization",
- "aws::config::configrule": "aws_config_config_rule",
- "aws::config::configurationaggregator": "aws_config_configuration_aggregator",
- "aws::config::configurationrecorder": "aws_config_configuration_recorder",
- "aws::config::conformancepack": "aws_config_conformance_pack",
- "aws::config::deliverychannel": "aws_config_delivery_channel",
- "aws::config::organizationconfigrule": "aws_config_organization_custom_policy_rule",
- "aws::config::organizationconformancepack": "aws_config_organization_conformance_pack",
- "aws::config::remediationconfiguration": "aws_config_remediation_configuration",
- "aws::config::storedquery": "",
- "aws::connect::approvedorigin": "",
- "aws::connect::contactflow": "aws_connect_contact_flow",
- "aws::connect::contactflowmodule": "aws_connect_contact_flow_module",
- "aws::connect::evaluationform": "",
- "aws::connect::hoursofoperation": "aws_connect_hours_of_operation",
- "aws::connect::instance": "aws_connect_instance",
- "aws::connect::instancestorageconfig": "",
- "aws::connect::integrationassociation": "",
- "aws::connect::phonenumber": "aws_connect_phone_number",
- "aws::connect::predefinedattribute": "",
- "aws::connect::prompt": "",
- "aws::connect::queue": "aws_connect_queue",
- "aws::connect::quickconnect": "aws_connect_quick_connect",
- "aws::connect::routingprofile": "aws_connect_routing_profile",
- "aws::connect::rule": "",
- "aws::connect::securitykey": "",
- "aws::connect::securityprofile": "aws_connect_security_profile",
- "aws::connect::tasktemplate": "",
- "aws::connect::trafficdistributiongroup": "",
- "aws::connect::user": "aws_connect_user",
- "aws::connect::userhierarchygroup": "aws_connect_user_hierarchy_group",
- "aws::connect::view": "",
- "aws::connect::viewversion": "",
- "aws::connectcampaigns::campaign": "",
-
- "aws::controltower::enabledbaseline": "",
- "aws::controltower::enabledcontrol": "aws_controltower_control",
- "aws::controltower::landingzone": "aws_controltower_landing_zone",
- "aws::cur::reportdefinition": "aws_cur_report_definition",
- "aws::customerprofiles::calculatedattributedefinition": "",
- "aws::customerprofiles::domain": "",
- "aws::customerprofiles::eventstream": "",
- "aws::customerprofiles::integration": "",
- "aws::customerprofiles::objecttype": "",
- "aws::databrew::dataset": "",
- "aws::databrew::job": "",
- "aws::databrew::project": "",
- "aws::databrew::recipe": "",
- "aws::databrew::ruleset": "",
- "aws::databrew::schedule": "",
- "aws::datapipeline::pipeline": "aws_datapipeline_pipeline",
- "aws::datasync::agent": "aws_datasync_agent",
- "aws::datasync::locationazureblob": "aws_datasync_location_azure_blob",
- "aws::datasync::locationefs": "aws_datasync_location_efs",
- "aws::datasync::locationfsxlustre": "aws_datasync_location_fsx_lustre_file_system", //nolint:lll
- "aws::datasync::locationfsxontap": "aws_datasync_location_fsx_ontap_file_system", //nolint:lll
- "aws::datasync::locationfsxopenzfs": "aws_datasync_location_fsx_openzfs_file_system", //nolint:lll
- "aws::datasync::locationfsxwindows": "aws_datasync_location_fsx_windows_file_system", //nolint:lll
- "aws::datasync::locationhdfs": "aws_datasync_location_hdfs",
- "aws::datasync::locationnfs": "aws_datasync_location_nfs",
- "aws::datasync::locationobjectstorage": "aws_datasync_location_object_storage",
- "aws::datasync::locations3": "aws_datasync_location_s3",
- "aws::datasync::locationsmb": "aws_datasync_location_smb",
- "aws::datasync::storagesystem": "",
- "aws::datasync::task": "aws_datasync_task",
- "aws::datazone::datasource": "",
- "aws::datazone::domain": "aws_datazone_domain",
- "aws::datazone::environment": "",
- "aws::datazone::environmentblueprintconfiguration": "aws_datazone_environment_blueprint_configuration", //nolint:lll
- "aws::datazone::environmentprofile": "",
- "aws::datazone::groupprofile": "",
- "aws::datazone::project": "aws_datazone_project",
- "aws::datazone::projectmembership": "",
- "aws::datazone::subscriptiontarget": "",
- "aws::datazone::userprofile": "",
- "aws::dax::cluster": "aws_dax_cluster",
- "aws::dax::parametergroup": "aws_dax_parameter_group",
- "aws::dax::subnetgroup": "aws_dax_subnet_group",
- "aws::deadline::farm": "",
- "aws::deadline::fleet": "",
- "aws::deadline::licenseendpoint": "",
- "aws::deadline::meteredproduct": "",
- "aws::deadline::monitor": "",
- "aws::deadline::queue": "",
- "aws::deadline::queueenvironment": "",
- "aws::deadline::queuefleetassociation": "",
- "aws::deadline::storageprofile": "",
- "aws::detective::graph": "aws_detective_graph",
- "aws::detective::memberinvitation": "aws_detective_invitation_accepter",
- "aws::detective::organizationadmin": "aws_detective_organization_admin_account",
- "aws::devopsguru::loganomalydetectionintegration": "",
- "aws::devopsguru::notificationchannel": "aws_devopsguru_notification_channel",
- "aws::devopsguru::resourcecollection": "aws_devopsguru_resource_collection",
- "aws::directoryservice::microsoftad": "aws_directory_service_directory",
- "aws::directoryservice::simplead": "aws_directory_service_directory",
- "aws::dlm::lifecyclepolicy": "aws_dlm_lifecycle_policy",
- "aws::dms::certificate": "aws_dms_certificate",
- "aws::dms::dataprovider": "",
- "aws::dms::endpoint": "aws_dms_endpoint",
- "aws::dms::eventsubscription": "aws_dms_event_subscription",
- "aws::dms::instanceprofile": "",
- "aws::dms::migrationproject": "",
- "aws::dms::replicationconfig": "aws_dms_replication_config",
- "aws::dms::replicationinstance": "aws_dms_replication_instance",
- "aws::dms::replicationsubnetgroup": "aws_dms_replication_subnet_group",
- "aws::dms::replicationtask": "aws_dms_replication_task",
- "aws::docdb::dbcluster": "aws_docdb_cluster",
- "aws::docdb::dbclusterparametergroup": "aws_docdb_cluster_parameter_group",
- "aws::docdb::dbinstance": "aws_docdb_cluster_instance",
- "aws::docdb::dbsubnetgroup": "aws_docdb_subnet_group",
- "aws::docdb::eventsubscription": "aws_docdb_event_subscription",
- "aws::docdbelastic::cluster": "aws_docdbelastic_cluster",
- "aws::dynamodb::globaltable": "aws_dynamodb_global_table",
- "aws::dynamodb::table": "aws_dynamodb_table",
- "aws::ec2::capacityreservation": "aws_ec2_capacity_reservation",
- "aws::ec2::capacityreservationfleet": "",
- "aws::ec2::carriergateway": "",
- "aws::ec2::clientvpnauthorizationrule": "",
- "aws::ec2::clientvpnendpoint": "",
- "aws::ec2::clientvpnroute": "",
- "aws::ec2::clientvpntargetnetworkassociation": "",
- "aws::ec2::customergateway": "",
- "aws::ec2::dhcpoptions": "aws_vpc_dhcp_options",
- "aws::ec2::ec2fleet": "",
- "aws::ec2::egressonlyinternetgateway": "",
- "aws::ec2::eip": "aws_eip",
- "aws::ec2::eipassociation": "aws_eip_association",
- "aws::ec2::enclavecertificateiamroleassociation": "",
- "aws::ec2::flowlog": "aws_flow_log",
- "aws::ec2::gatewayroutetableassociation": "",
- "aws::ec2::host": "aws_ec2_host",
- "aws::ec2::instance": "aws_instance",
- "aws::ec2::instanceconnectendpoint": "",
- "aws::ec2::internetgateway": "aws_Internet_gateway",
- "aws::ec2::ipam": "aws_vpc_ipam",
- "aws::ec2::ipamallocation": "",
- "aws::ec2::ipampool": "aws_vpc_ipam_pool",
- "aws::ec2::ipampoolcidr": "aws_vpc_ipam_pool_cidr",
- "aws::ec2::ipamresourcediscovery": "aws_vpc_ipam_resource_discovery",
- "aws::ec2::ipamresourcediscoveryassociation": "aws_vpc_ipam_resource_discovery_association",
- "aws::ec2::ipamscope": "aws_vpc_ipam_scope",
- "aws::ec2::keypair": "aws_key_pair",
- "aws::ec2::launchtemplate": "aws_launch_template",
- "aws::ec2::localgatewayroute": "aws_ec2_local_gateway_route",
- "aws::ec2::localgatewayroutetable": "aws_ec2_local_gateway_route_table_vpc_association",
- "aws::ec2::localgatewayroutetablevirtualinterfacegroupassociation": "",
- "aws::ec2::localgatewayroutetablevpcassociation": "",
- "aws::ec2::natgateway": "aws_nat_gateway",
- "aws::ec2::networkacl": "aws_network_acl",
- "aws::ec2::networkaclentry": "aws_network_acl_rule",
- "aws::ec2::networkinsightsaccessscope": "",
- "aws::ec2::networkinsightsaccessscopeanalysis": "",
- "aws::ec2::networkinsightsanalysis": "aws_ec2_network_insights_analysis",
- "aws::ec2::networkinsightspath": "aws_ec2_network_insights_path",
- "aws::ec2::networkinterface": "aws_network_interface",
- "aws::ec2::networkinterfaceattachment": "aws_network_interface_attachment",
- "aws::ec2::networkinterfacepermission": "",
- "aws::ec2::networkperformancemetricsubscription": "",
- "aws::ec2::placementgroup": "aws_placement_group",
- "aws::ec2::prefixlist": "aws_ec2_managed_prefix_list",
- "aws::ec2::route": "aws_route",
- "aws::ec2::routetable": "aws_route_table",
- "aws::ec2::securitygroup": "aws_security_group",
- "aws::ec2::securitygroupegress": "aws_security_group_rule_egress",
- "aws::ec2::securitygroupingress": "aws_security_group_rule_ingress",
- "aws::ec2::snapshotblockpublicaccess": "",
- "aws::ec2::spotfleet": "aws_spot_fleet_request",
- "aws::ec2::subnet": "aws_subnet",
- "aws::ec2::subnetcidrblock": "",
- "aws::ec2::subnetnetworkaclassociation": "aws_network_acl_association",
- "aws::ec2::subnetroutetableassociation": "aws_route_table_association",
- "aws::ec2::trafficmirrorfilter": "aws_ec2_traffic_mirror_filter",
- "aws::ec2::trafficmirrorfilterrule": "aws_ec2_traffic_mirror_filter_rule",
- "aws::ec2::trafficmirrorsession": "aws_ec2_traffic_mirror_session",
- "aws::ec2::trafficmirrortarget": "aws_ec2_traffic_mirror_target",
- "aws::ec2::transitgateway": "aws_ec2_transit_gateway",
- "aws::ec2::transitgatewayattachment": "aws_ec2_transit_gateway",
- "aws::ec2::transitgatewayconnect": "aws_ec2_transit_gateway_connect",
- "aws::ec2::transitgatewaymulticastdomain": "aws_ec2_transit_gateway_multicast_domain",
- "aws::ec2::transitgatewaymulticastdomainassociation": "aws_ec2_transit_gateway_multicast_domain_association", //nolint:lll
- "aws::ec2::transitgatewaymulticastgroupmember": "aws_ec2_transit_gateway_multicast_group_member",
- "aws::ec2::transitgatewaymulticastgroupsource": "aws_ec2_transit_gateway_multicast_group_source",
- "aws::ec2::transitgatewaypeeringattachment": "aws_ec2_transit_gateway_peering_attachment",
- "aws::ec2::transitgatewayroute": "aws_ec2_transit_gateway_route",
- "aws::ec2::transitgatewayroutetable": "aws_ec2_transit_gateway_route_table",
- "aws::ec2::transitgatewayroutetableassociation": "aws_ec2_transit_gateway_route_table_association",
- "aws::ec2::transitgatewayroutetablepropagation": "aws_ec2_transit_gateway_route_table_propagation",
- "aws::ec2::transitgatewayvpcattachment": "aws_ec2_transit_gateway_vpc_attachment",
- "aws::ec2::verifiedaccessendpoint": "aws_verifiedaccess_endpoint",
- "aws::ec2::verifiedaccessgroup": "aws_verifiedaccess_group",
- "aws::ec2::verifiedaccessinstance": "aws_verifiedaccess_instance",
- "aws::ec2::verifiedaccesstrustprovider": "aws_verifiedaccess_trust_provider",
- "aws::ec2::volume": "aws_ebs_volume",
- "aws::ec2::volumeattachment": "aws_volume_attachment",
- "aws::ec2::vpc": "aws_vpc",
- "aws::ec2::vpccidrblock": "",
- "aws::ec2::vpcdhcpoptionsassociation": "aws_vpc_dhcp_options_association",
- "aws::ec2::vpcendpoint": "aws_vpc_endpoint",
- "aws::ec2::vpcendpointconnectionnotification": "aws_vpc_endpoint_connection_notification",
- "aws::ec2::vpcendpointservice": "aws_vpc_endpoint_service",
- "aws::ec2::vpcendpointservicepermissions": "",
- "aws::ec2::vpcgatewayattachment": "aws_vpn_gateway_attachment",
- "aws::ec2::vpcpeeringconnection": "aws_vpc_peering_connection",
- "aws::ec2::vpnconnection": "aws_vpn_connection",
- "aws::ec2::vpnconnectionroute": "aws_vpn_connection_route",
- "aws::ec2::vpngateway": "aws_vpn_gateway",
- "aws::ec2::vpngatewayroutepropagation": "aws_vpn_gateway_route_propagation",
- "aws::ecr::publicrepository": "aws_ecrpublic_repository",
- "aws::ecr::pullthroughcacherule": "aws_ecr_pull_through_cache_rule",
- "aws::ecr::registrypolicy": "aws_ecr_registry_policy",
- "aws::ecr::replicationconfiguration": "aws_ecr_replication_configuration",
- "aws::ecr::repository": "aws_ecr_repository",
- "aws::ecr::repositorycreationtemplate": "aws_ecr_repository_creation_template",
- "aws::ecs::capacityprovider": "aws_ecs_capacity_provider",
- "aws::ecs::cluster": "aws_ecs_cluster",
- "aws::ecs::clustercapacityproviderassociations": "",
- "aws::ecs::primarytaskset": "",
- "aws::ecs::service": "aws_ecs_service",
- "aws::ecs::taskdefinition": "aws_ecs_task_definition",
- "aws::ecs::taskset": "aws_ecs_task_set",
- "aws::efs::accesspoint": "aws_efs_access_point",
- "aws::efs::filesystem": "aws_efs_file_system",
- "aws::efs::mounttarget": "aws_efs_mount_target",
- "aws::eks::accessentry": "aws_eks_access_entry",
- "aws::eks::addon": "aws_eks_addon",
- "aws::eks::cluster": "aws_eks_cluster",
- "aws::eks::fargateprofile": "aws_eks_fargate_profile",
- "aws::eks::identityproviderconfig": "aws_eks_identity_provider_config",
- "aws::eks::nodegroup": "aws_eks_node_group",
- "aws::eks::podidentityassociation": "aws_eks_pod_identity_association",
- "aws::elasticache::cachecluster": "aws_elasticache_cluster",
- "aws::elasticache::globalreplicationgroup": "aws_elasticache_global_replication_group",
- "aws::elasticache::parametergroup": "aws_elasticache_parameter_group",
- "aws::elasticache::replicationgroup": "aws_elasticache_replication_group",
- "aws::elasticache::securitygroup": "",
- "aws::elasticache::securitygroupingress": "",
- "aws::elasticache::serverlesscache": "",
- "aws::elasticache::subnetgroup": "aws_elasticache_subnet_group",
- "aws::elasticache::user": "aws_elasticache_user",
- "aws::elasticache::usergroup": "aws_elasticache_user_group",
- "aws::elasticbeanstalk::application": "aws_elastic_beanstalk_application",
- "aws::elasticbeanstalk::applicationversion": "aws_elastic_beanstalk_application_version",
- "aws::elasticbeanstalk::configurationtemplate": "aws_elastic_beanstalk_configuration_template",
- "aws::elasticbeanstalk::environment": "aws_elastic_beanstalk_environment",
- "aws::elasticloadbalancing::loadbalancer": "aws_elb",
- "aws::elasticloadbalancingv2::listener": "aws_lb_listener",
- "aws::elasticloadbalancingv2::listenerrule": "aws_lb_listener_rule",
- "aws::elasticloadbalancingv2::loadbalancer": "aws_lb",
- "aws::elasticloadbalancingv2::targetgroup": "aws_lb_target_group",
- "aws::elasticloadbalancingv2::truststore": "",
- "aws::elasticloadbalancingv2::truststorerevocation": "",
- "aws::elasticsearch::domain": "aws_elasticsearch_domain",
- "aws::emr::cluster": "aws_emr_cluster",
- "aws::emr::instancefleetconfig": "aws_emr_instance_fleet",
- "aws::emr::instancegroupconfig": "aws_emr_instance_group",
- "aws::emr::securityconfiguration": "aws_emr_security_configuration",
- "aws::emr::step": "",
- "aws::emr::studio": "aws_emr_studio",
- "aws::emr::studiosessionmapping": "aws_emr_studio_session_mapping",
- "aws::emr::walworkspace": "",
- "aws::emrcontainers::virtualcluster": "aws_emrcontainers_virtual_cluster",
- "aws::emrserverless::application": "aws_emrserverless_application",
- "aws::entityresolution::idmappingworkflow": "",
- "aws::entityresolution::idnamespace": "",
- "aws::entityresolution::matchingworkflow": "",
- "aws::entityresolution::policystatement": "",
- "aws::entityresolution::schemamapping": "",
- "aws::events::apidestination": "aws_cloudwatch_event_api_destination",
- "aws::events::archive": "aws_cloudwatch_event_archive",
- "aws::events::connection": "aws_cloudwatch_event_connection",
- "aws::events::endpoint": "aws_cloudwatch_event_endpoint",
- "aws::events::eventbus": "aws_cloudwatch_event_bus",
- "aws::events::eventbuspolicy": "aws_cloudwatch_event_bus_policy",
- "aws::events::rule": "aws_cloudwatch_event_rule",
- "aws::eventschemas::discoverer": "aws_schemas_discoverer",
- "aws::eventschemas::registry": "aws_schemas_registry",
- "aws::eventschemas::registrypolicy": "aws_schemas_registry_policy",
- "aws::eventschemas::schema": "aws_schemas_schema",
- "aws::evidently::experiment": "",
- "aws::evidently::feature": "aws_evidently_feature",
- "aws::evidently::launch": "aws_evidently_launch",
- "aws::evidently::project": "aws_evidently_project",
- "aws::evidently::segment": "aws_evidently_segment",
- "aws::finspace::environment": "aws_finspace_kx_environment",
- "aws::fis::experimenttemplate": "aws_fis_experiment_template",
- "aws::fis::targetaccountconfiguration": "",
- "aws::fms::notificationchannel": "",
- "aws::fms::policy": "aws_fms_policy",
- "aws::fms::resourceset": "aws_fms_resource_set",
- "aws::forecast::dataset": "",
- "aws::forecast::datasetgroup": "",
- "aws::frauddetector::detector": "",
- "aws::frauddetector::entitytype": "",
- "aws::frauddetector::eventtype": "",
- "aws::frauddetector::label": "",
- "aws::frauddetector::list": "",
- "aws::frauddetector::outcome": "",
- "aws::frauddetector::variable": "",
- "aws::fsx::datarepositoryassociation": "aws_fsx_data_repository_association",
- "aws::fsx::filesystem": "aws_fsx_ontap_file_system",
- "aws::fsx::snapshot": "aws_fsx_openzfs_snapshot",
- "aws::fsx::storagevirtualmachine": "aws_fsx_ontap_storage_virtual_machine",
- "aws::fsx::volume": "aws_fsx_ontap_volume",
- "aws::gamelift::alias": "aws_gamelift_alias",
- "aws::gamelift::build": "aws_gamelift_build",
- "aws::gamelift::containergroupdefinition": "",
- "aws::gamelift::fleet": "aws_gamelift_fleet",
- "aws::gamelift::gameservergroup": "aws_gamelift_game_server_group",
- "aws::gamelift::gamesessionqueue": "aws_gamelift_game_session_queue",
- "aws::gamelift::location": "",
- "aws::gamelift::matchmakingconfiguration": "",
- "aws::gamelift::matchmakingruleset": "",
- "aws::gamelift::script": "aws_gamelift_script",
- "aws::globalaccelerator::accelerator": "aws_globalaccelerator_accelerator",
- "aws::globalaccelerator::crossaccountattachment": "aws_globalaccelerator_cross_account_attachment",
- "aws::globalaccelerator::endpointgroup": "aws_globalaccelerator_endpoint_group",
- "aws::globalaccelerator::listener": "aws_globalaccelerator_listener",
- "aws::glue::classifier": "aws_glue_classifier",
- "aws::glue::connection": "aws_glue_connection",
- "aws::glue::crawler": "aws_glue_crawler",
- "aws::glue::customentitytype": "",
- "aws::glue::database": "aws_glue_catalog_database",
- "aws::glue::datacatalogencryptionsettings": "aws_glue_data_catalog_encryption_settings",
- "aws::glue::dataqualityruleset": "aws_glue_data_quality_ruleset",
- "aws::glue::devendpoint": "aws_glue_dev_endpoint",
- "aws::glue::job": "aws_glue_job",
- "aws::glue::mltransform": "aws_glue_ml_transform",
- "aws::glue::partition": "aws_glue_partition",
- "aws::glue::registry": "aws_glue_registry",
- "aws::glue::schema": "aws_glue_schema",
- "aws::glue::schemaversion": "",
- "aws::glue::schemaversionmetadata": "",
- "aws::glue::securityconfiguration": "aws_glue_security_configuration",
- "aws::glue::table": "aws_glue_catalog_table",
- "aws::glue::tableoptimizer": "",
- "aws::glue::trigger": "aws_glue_trigger",
- "aws::glue::workflow": "aws_glue_workflow",
- "aws::grafana::workspace": "",
- "aws::greengrass::connectordefinition": "",
- "aws::greengrass::connectordefinitionversion": "",
- "aws::greengrass::coredefinition": "",
- "aws::greengrass::coredefinitionversion": "",
- "aws::greengrass::devicedefinition": "",
- "aws::greengrass::devicedefinitionversion": "",
- "aws::greengrass::functiondefinition": "",
- "aws::greengrass::functiondefinitionversion": "",
- "aws::greengrass::group": "",
- "aws::greengrass::groupversion": "",
- "aws::greengrass::loggerdefinition": "",
- "aws::greengrass::loggerdefinitionversion": "",
- "aws::greengrass::resourcedefinition": "",
- "aws::greengrass::resourcedefinitionversion": "",
- "aws::greengrass::subscriptiondefinition": "",
- "aws::greengrass::subscriptiondefinitionversion": "",
- "aws::greengrassv2::componentversion": "",
- "aws::greengrassv2::deployment": "",
- "aws::groundstation::config": "",
- "aws::groundstation::dataflowendpointgroup": "",
- "aws::groundstation::missionprofile": "",
- "aws::guardduty::detector": "aws_guardduty_detector",
- "aws::guardduty::filter": "aws_guardduty_filter",
- "aws::guardduty::ipset": "aws_guardduty_ipset",
- "aws::guardduty::malwareprotectionplan": "aws_guardduty_malware_protection_plan",
- "aws::guardduty::master": "",
- "aws::guardduty::member": "aws_guardduty_member",
- "aws::guardduty::threatintelset": "aws_guardduty_threatintelset",
- "aws::healthimaging::datastore": "",
- "aws::healthlake::fhirdatastore": "",
- "aws::iam::accessKey": "aws_iam_access_key",
- "aws::iam::group": "aws_iam_group",
- "aws::iam::grouppolicy": "aws_iam_group_policy",
- "aws::iam::instanceprofile": "aws_iam_instance_profile",
- "aws::iam::managedpolicy": "aws_iam_managed_policy",
- "aws::iam::oidcprovider": "",
- "aws::iam::policy": "aws_iam_policy",
- "aws::iam::role": "aws_iam_role",
- "aws::iam::rolepolicy": "aws_iam_role_policy",
- "aws::iam::samlprovider": "aws_iam_saml_provider",
- "aws::iam::servercertificate": "aws_iam_server_certificate",
- "aws::iam::servicelinkedrole": "aws_iam_service_linked_role",
- "aws::iam::user": "aws_iam_user",
- "aws::iam::userpolicy": "aws_iam_user",
- "aws::iam::usertogroupaddition": "aws_iam_group_membership",
- "aws::iam::virtualmfadevice": "aws_iam_virtual_mfa_device",
- "aws::identitystore::group": "",
- "aws::identitystore::groupmembership": "",
- "aws::imagebuilder::component": "aws_imagebuilder_component",
- "aws::imagebuilder::containerrecipe": "aws_imagebuilder_container_recipe",
- "aws::imagebuilder::distributionconfiguration": "aws_imagebuilder_distribution_configuration",
- "aws::imagebuilder::image": "aws_imagebuilder_image",
- "aws::imagebuilder::imagepipeline": "aws_imagebuilder_image_pipeline",
- "aws::imagebuilder::imagerecipe": "aws_imagebuilder_image_recipe",
- "aws::imagebuilder::infrastructureconfiguration": "aws_imagebuilder_infrastructure_configuration",
- "aws::imagebuilder::lifecyclepolicy": "",
- "aws::imagebuilder::workflow": "aws_imagebuilder_workflow",
- "aws::inspector::assessmenttarget": "aws_inspector_assessment_target",
- "aws::inspector::assessmenttemplate": "aws_inspector_assessment_template",
- "aws::inspector::resourcegroup": "aws_inspector_resource_group",
- "aws::inspectorv2::cisscanconfiguration": "",
- "aws::inspectorv2::filter": "",
- "aws::internetmonitor::monitor": "",
- "aws::iot1click::device": "",
- "aws::iot1click::placement": "",
- "aws::iot1click::project": "",
- "aws::iot::accountauditconfiguration": "",
- "aws::iot::authorizer": "aws_iot_authorizer",
- "aws::iot::billinggroup": "aws_iot_billing_group",
- "aws::iot::cacertificate": "aws_iot_ca_certificate",
- "aws::iot::certificate": "aws_iot_certificate",
- "aws::iot::certificateprovider": "",
- "aws::iot::custommetric": "",
- "aws::iot::dimension": "",
- "aws::iot::domainconfiguration": "",
- "aws::iot::fleetmetric": "",
- "aws::iot::jobtemplate": "",
- "aws::iot::logging": "",
- "aws::iot::mitigationaction": "",
- "aws::iot::policy": "aws_iot_policy",
- "aws::iot::policyprincipalattachment": "aws_iot_policy_attachment",
- "aws::iot::provisioningtemplate": "aws_iot_provisioning_template",
- "aws::iot::resourcespecificlogging": "",
- "aws::iot::rolealias": "aws_iot_role_alias",
- "aws::iot::scheduledaudit": "",
- "aws::iot::securityprofile": "",
- "aws::iot::softwarepackage": "",
- "aws::iot::softwarepackageversion": "",
- "aws::iot::thing": "aws_iot_thing",
- "aws::iot::thinggroup": "aws_iot_thing_group",
- "aws::iot::thingprincipalattachment": "aws_iot_thing_principal_attachment",
- "aws::iot::thingtype": "aws_iot_thing_type",
- "aws::iot::topicrule": "aws_iot_topic_rule",
- "aws::iot::topicruledestination": "aws_iot_topic_rule_destination",
- "aws::iotanalytics::channel": "",
- "aws::iotanalytics::dataset": "",
- "aws::iotanalytics::datastore": "",
- "aws::iotanalytics::pipeline": "",
- "aws::iotcoredeviceadvisor::suitedefinition": "",
- "aws::iotevents::alarmmodel": "",
- "aws::iotevents::detectormodel": "",
- "aws::iotevents::input": "",
- "aws::iotfleethub::application": "",
- "aws::iotfleetwise::campaign": "",
- "aws::iotfleetwise::decodermanifest": "",
- "aws::iotfleetwise::fleet": "",
- "aws::iotfleetwise::modelmanifest": "",
- "aws::iotfleetwise::signalcatalog": "",
- "aws::iotfleetwise::vehicle": "",
- "aws::iotsitewise::accesspolicy": "",
- "aws::iotsitewise::asset": "",
- "aws::iotsitewise::assetmodel": "",
- "aws::iotsitewise::dashboard": "",
- "aws::iotsitewise::gateway": "",
- "aws::iotsitewise::portal": "",
- "aws::iotsitewise::project": "",
- "aws::iotthingsgraph::flowtemplate": "",
- "aws::iottwinmaker::componenttype": "",
- "aws::iottwinmaker::entity": "",
- "aws::iottwinmaker::scene": "",
- "aws::iottwinmaker::syncjob": "",
- "aws::iottwinmaker::workspace": "",
- "aws::iotwireless::destination": "",
- "aws::iotwireless::deviceprofile": "",
- "aws::iotwireless::fuotatask": "",
- "aws::iotwireless::multicastgroup": "",
- "aws::iotwireless::networkanalyzerconfiguration": "",
- "aws::iotwireless::partneraccount": "",
- "aws::iotwireless::serviceprofile": "",
- "aws::iotwireless::taskdefinition": "",
- "aws::iotwireless::wirelessdevice": "",
- "aws::iotwireless::wirelessdeviceimporttask": "",
- "aws::iotwireless::wirelessgateway": "",
- "aws::ivs::channel": "aws_ivs_channel",
- "aws::ivs::encoderconfiguration": "",
- "aws::ivs::playbackkeypair": "aws_ivs_playback_key_pair",
- "aws::ivs::playbackrestrictionpolicy": "",
- "aws::ivs::recordingconfiguration": "aws_ivs_recording_configuration",
- "aws::ivs::stage": "",
- "aws::ivs::storageconfiguration": "",
- "aws::ivs::streamkey": "",
- "aws::ivschat::loggingconfiguration": "aws_ivschat_logging_configuration",
- "aws::ivschat::room": "aws_ivschat_room",
- "aws::kafkaconnect::connector": "",
- "aws::kafkaconnect::customplugin": "",
- "aws::kafkaconnect::workerconfiguration": "",
- "aws::kendra::datasource": "aws_kendra_data_source",
- "aws::kendra::faq": "aws_kendra_faq",
- "aws::kendra::index": "aws_kendra_index",
- "aws::kendraranking::executionplan": "",
- "aws::kinesis::stream": "aws_kinesis_stream",
- "aws::kinesis::streamconsumer": "aws_kinesis_stream_consumer",
- "aws::kinesisanalytics::application": "aws_kinesis_analytics_application",
- "aws::kinesisanalytics::applicationoutput": "",
- "aws::kinesisanalytics::applicationreferencedatasource": "",
- "aws::kinesisanalyticsv2::application": "aws_kinesisanalyticsv2_application",
- "aws::kinesisanalyticsv2::applicationcloudwatchloggingoption": "",
- "aws::kinesisanalyticsv2::applicationoutput": "",
- "aws::kinesisanalyticsv2::applicationreferencedatasource": "",
- "aws::kinesisfirehose::deliverystream": "aws_kinesis_firehose_delivery_stream",
- "aws::kinesisvideo::signalingchannel": "",
- "aws::kinesisvideo::stream": "aws_kinesis_video_stream",
- "aws::kms::alias": "aws_kms_alias",
- "aws::kms::key": "aws_kms_key",
- "aws::kms::replicakey": "aws_kms_replica_key",
- "aws::lakeformation::datacellsfilter": "aws_lakeformation_data_cells_filter",
- "aws::lakeformation::datalakesettings": "aws_lakeformation_data_lake_settings",
- "aws::lakeformation::permissions": "aws_lakeformation_permissions",
- "aws::lakeformation::principalpermissions": "",
- "aws::lakeformation::resource": "aws_lakeformation_resource",
- "aws::lakeformation::tag": "aws_lakeformation_lf_tag",
- "aws::lakeformation::tagassociation": "",
- "aws::lambda::alias": "aws_lambda_alias",
- "aws::lambda::codesigningconfig": "aws_lambda_code_signing_config",
- "aws::lambda::eventinvokeconfig": "aws_lambda_function_event_invoke_config",
- "aws::lambda::eventsourcemapping": "aws_lambda_event_source_mapping",
- "aws::lambda::function": "aws_lambda_function",
- "aws::lambda::layerversion": "aws_lambda_layer_version",
- "aws::lambda::layerversionpermission": "aws_lambda_layer_version_permission",
- "aws::lambda::permission": "aws_lambda_permission",
- "aws::lambda::url": "",
- "aws::lambda::version": "aws_lambda_version",
- "aws::launchwizard::deployment": "",
- "aws::lex::bot": "aws_lex_bot",
- "aws::lex::botalias": "aws_lex_bot_alias",
- "aws::lex::botversion": "",
- "aws::lex::resourcepolicy": "",
- "aws::licensemanager::grant": "aws_licensemanager_grant",
- "aws::licensemanager::license": "aws_licensemanager_license_configuration",
- "aws::lightsail::alarm": "",
- "aws::lightsail::bucket": "aws_lightsail_bucket",
- "aws::lightsail::certificate": "aws_lightsail_certificate",
- "aws::lightsail::container": "",
- "aws::lightsail::database": "aws_lightsail_database",
- "aws::lightsail::disk": "aws_lightsail_disk",
- "aws::lightsail::distribution": "aws_lightsail_distribution",
- "aws::lightsail::instance": "aws_lightsail_instance",
- "aws::lightsail::loadbalancer": "aws_lightsail_lb",
- "aws::lightsail::loadbalancertlscertificate": "",
- "aws::lightsail::staticip": "aws_lightsail_static_ip",
- "aws::location::apikey": "",
- "aws::location::geofencecollection": "aws_location_geofence_collection",
- "aws::location::map": "aws_location_map",
- "aws::location::placeindex": "aws_location_place_index",
- "aws::location::routecalculator": "aws_location_route_calculator",
- "aws::location::tracker": "aws_location_tracker",
- "aws::location::trackerconsumer": "",
- "aws::logs::accountpolicy": "aws_cloudwatch_log_account_policy",
- "aws::logs::delivery": "",
- "aws::logs::deliverydestination": "",
- "aws::logs::deliverysource": "",
- "aws::logs::destination": "",
- "aws::logs::loganomalydetector": "",
- "aws::logs::loggroup": "aws_cloudwatch_loggroup",
- "aws::logs::logstream": "",
- "aws::logs::metricfilter": "aws_cloudwatch_log_metric_filter",
- "aws::logs::querydefinition": "",
- "aws::logs::resourcepolicy": "aws_cloudwatch_log_resource_policy",
- "aws::logs::subscriptionfilter": "",
- "aws::lookoutequipment::inferencescheduler": "",
- "aws::lookoutmetrics::alert": "",
- "aws::lookoutmetrics::anomalydetector": "",
- "aws::lookoutvision::project": "",
- "aws::m2::application": "",
- "aws::m2::environment": "",
- "aws::macie::allowlist": "",
- "aws::macie::customdataidentifier": "aws_macie2_custom_data_identifier",
- "aws::macie::findingsfilter": "aws_macie2_findings_filter",
- "aws::macie::session": "",
- "aws::managedblockchain::accessor": "",
- "aws::managedblockchain::member": "",
- "aws::managedblockchain::node": "",
- "aws::mediaconnect::bridge": "",
- "aws::mediaconnect::bridgeoutput": "",
- "aws::mediaconnect::bridgesource": "",
- "aws::mediaconnect::flow": "",
- "aws::mediaconnect::flowentitlement": "",
- "aws::mediaconnect::flowoutput": "",
- "aws::mediaconnect::flowsource": "",
- "aws::mediaconnect::flowvpcinterface": "",
- "aws::mediaconnect::gateway": "",
- "aws::mediaconvert::jobtemplate": "",
- "aws::mediaconvert::preset": "",
- "aws::mediaconvert::queue": "aws_media_convert_queue",
- "aws::medialive::channel": "aws_medialive_channel",
- "aws::medialive::input": "aws_medialive_input",
- "aws::medialive::inputsecuritygroup": "aws_medialive_input_security_group",
- "aws::medialive::multiplex": "aws_medialive_multiplex",
- "aws::medialive::multiplexprogram": "aws_medialive_multiplex_program",
- "aws::mediapackage::asset": "",
- "aws::mediapackage::channel": "aws_media_package_channel",
- "aws::mediapackage::originendpoint": "",
- "aws::mediapackage::packagingconfiguration": "",
- "aws::mediapackage::packaginggroup": "",
- "aws::mediapackagev2::channel": "",
- "aws::mediapackagev2::channelgroup": "",
- "aws::mediapackagev2::channelpolicy": "",
- "aws::mediapackagev2::originendpoint": "",
- "aws::mediapackagev2::originendpointpolicy": "",
- "aws::mediastore::container": "aws_media_store_container",
- "aws::mediatailor::channel": "",
- "aws::mediatailor::channelpolicy": "",
- "aws::mediatailor::livesource": "",
- "aws::mediatailor::playbackconfiguration": "",
- "aws::mediatailor::sourcelocation": "",
- "aws::mediatailor::vodsource": "",
- "aws::memorydb::acl": "aws_memorydb_acl",
- "aws::memorydb::cluster": "aws_memorydb_cluster",
- "aws::memorydb::parametergroup": "aws_memorydb_parameter_group",
- "aws::memorydb::subnetgroup": "aws_memorydb_subnet_group",
- "aws::memorydb::user": "",
- "aws::msk::batchscramsecret": "",
- "aws::msk::cluster": "aws_msk_cluster",
- "aws::msk::clusterpolicy": "aws_msk_cluster_policy",
- "aws::msk::configuration": "aws_msk_configuration",
- "aws::msk::replicator": "aws_msk_replicator",
- "aws::msk::serverlesscluster": "aws_msk_serverless_cluster",
- "aws::msk::vpcconnection": "aws_msk_vpc_connection",
- "aws::mwaa::environment": "aws_mwaa_environment",
- "aws::neptune::dbcluster": "aws_neptune_cluster",
- "aws::neptune::dbclusterparametergroup": "aws_neptune_cluster_parameter_group",
- "aws::neptune::dbinstance": "aws_neptune_cluster_instance",
- "aws::neptune::dbparametergroup": "aws_neptune_parameter_group",
- "aws::neptune::dbsubnetgroup": "aws_neptune_subnet_group",
- "aws::neptune::eventsubscription": "",
- "aws::neptunegraph::graph": "",
- "aws::neptunegraph::privategraphendpoint": "",
- "aws::networkfirewall::firewall": "aws_networkfirewall_firewall",
- "aws::networkfirewall::firewallpolicy": "aws_networkfirewall_firewall_policy",
- "aws::networkfirewall::loggingconfiguration": "aws_networkfirewall_logging_configuration",
- "aws::networkfirewall::rulegroup": "aws_networkfirewall_rule_group",
- "aws::networkfirewall::tlsinspectionconfiguration": "aws_networkfirewall_tls_inspection_configuration", //nolint:lll
- "aws::networkmanager::connectattachment": "aws_networkmanager_connect_attachment",
- "aws::networkmanager::connectpeer": "aws_networkmanager_connect_peer",
- "aws::networkmanager::corenetwork": "aws_networkmanager_core_network",
- "aws::networkmanager::customergatewayassociation": "aws_networkmanager_customer_gateway_association",
- "aws::networkmanager::device": "aws_networkmanager_device",
- "aws::networkmanager::globalnetwork": "aws_networkmanager_global_network",
- "aws::networkmanager::link": "aws_networkmanager_link",
- "aws::networkmanager::linkassociation": "aws_networkmanager_link_association",
- "aws::networkmanager::site": "aws_networkmanager_site",
- "aws::networkmanager::sitetositevpnattachment": "aws_networkmanager_site_to_site_vpn_attachment",
- "aws::networkmanager::transitgatewaypeering": "aws_networkmanager_transit_gateway_peering",
- "aws::networkmanager::transitgatewayregistration": "aws_networkmanager_transit_gateway_registration",
- "aws::networkmanager::transitgatewayroutetableattachment": "aws_networkmanager_transit_gateway_route_table_attachment", //nolint:lll
- "aws::networkmanager::vpcattachment": "aws_networkmanager_vpc_attachment",
- "aws::nimblestudio::launchprofile": "",
- "aws::nimblestudio::streamingimage": "",
- "aws::nimblestudio::studio": "",
- "aws::nimblestudio::studiocomponent": "",
- "aws::oam::link": "",
- "aws::oam::sink": "",
- "aws::omics::annotationstore": "",
- "aws::omics::referencestore": "",
- "aws::omics::rungroup": "",
- "aws::omics::sequencestore": "",
- "aws::omics::variantstore": "",
- "aws::omics::workflow": "",
- "aws::opensearchserverless::accesspolicy": "aws_opensearchserverless_access_policy",
- "aws::opensearchserverless::collection": "aws_opensearchserverless_collection",
- "aws::opensearchserverless::lifecyclepolicy": "aws_opensearchserverless_lifecycle_policy",
- "aws::opensearchserverless::securityconfig": "aws_opensearchserverless_security_config",
- "aws::opensearchserverless::securitypolicy": "aws_opensearchserverless_security_policy",
- "aws::opensearchserverless::vpcendpoint": "aws_opensearchserverless_vpc_endpoint",
- "aws::opensearchservice::domain": "aws_opensearch_domain",
- "aws::opsworks::app": "aws_opensearch_domain",
- "aws::opsworks::elasticloadbalancerattachment": "",
- "aws::opsworks::instance": "",
- "aws::opsworks::layer": "",
- "aws::opsworks::stack": "aws_opsworks_stack",
- "aws::opsworks::userprofile": "",
- "aws::opsworks::volume": "",
- "aws::opsworkscm::server": "",
- "aws::organizations::account": "aws_organizations_account",
- "aws::organizations::organization": "aws_organizations_organization",
- "aws::organizations::organizationalunit": "aws_organizations_organizational_unit",
- "aws::organizations::policy": "aws_organizations_policy",
- "aws::organizations::resourcepolicy": "aws_organizations_resource_policy",
- "aws::osis::pipeline": "aws_osis_pipeline",
- "aws::panorama::applicationinstance": "",
- "aws::panorama::package": "",
- "aws::panorama::packageversion": "",
- "aws::paymentcryptography::alias": "aws_paymentcryptography_key_alias",
- "aws::paymentcryptography::key": "aws_paymentcryptography_key",
- "aws::pcaconnectorad::connector": "",
- "aws::pcaconnectorad::directoryregistration": "",
- "aws::pcaconnectorad::serviceprincipalname": "",
- "aws::pcaconnectorad::template": "",
- "aws::pcaconnectorad::templategroupaccesscontrolentry": "",
- "aws::personalize::dataset": "",
- "aws::personalize::datasetgroup": "",
- "aws::personalize::schema": "",
- "aws::personalize::solution": "",
- "aws::pinpoint::admchannel": "aws_pinpoint_adm_channel",
- "aws::pinpoint::apnschannel": "aws_pinpoint_apns_channel",
- "aws::pinpoint::apnssandboxchannel": "",
- "aws::pinpoint::apnsvoipchannel": "aws_pinpoint_apns_voip_channel",
- "aws::pinpoint::apnsvoipsandboxchannel": "aws_pinpoint_apns_voip_sandbox_channel",
- "aws::pinpoint::app": "aws_pinpoint_app",
- "aws::pinpoint::applicationsettings": "",
- "aws::pinpoint::baiduchannel": "aws_pinpoint_baidu_channel",
- "aws::pinpoint::campaign": "",
- "aws::pinpoint::emailchannel": "aws_pinpoint_email_channel",
- "aws::pinpoint::emailtemplate": "",
- "aws::pinpoint::eventstream": "aws_pinpoint_event_stream",
- "aws::pinpoint::gcmchannel": "aws_pinpoint_gcm_channel",
- "aws::pinpoint::inapptemplate": "",
- "aws::pinpoint::pushtemplate": "",
- "aws::pinpoint::segment": "",
- "aws::pinpoint::smschannel": "",
- "aws::pinpoint::smstemplate": "aws_pinpoint_sms_channel",
- "aws::pinpoint::voicechannel": "",
- "aws::pinpointemail::configurationset": "",
- "aws::pinpointemail::configurationseteventdestination": "",
- "aws::pinpointemail::dedicatedippool": "",
- "aws::pinpointemail::identity": "",
- "aws::pipes::pipe": "aws_pipes_pipe",
- "aws::proton::environmentaccountconnection": "",
- "aws::proton::environmenttemplate": "",
- "aws::proton::servicetemplate": "",
- "aws::qbusiness::application": "",
- "aws::qbusiness::datasource": "",
- "aws::qbusiness::index": "",
- "aws::qbusiness::plugin": "",
- "aws::qbusiness::retriever": "",
- "aws::qbusiness::webexperience": "",
- "aws::qldb::ledger": "aws_qldb_ledger",
- "aws::qldb::stream": "aws_qldb_stream",
- "aws::quicksight::analysis": "aws_quicksight_analysis",
- "aws::quicksight::dashboard": "aws_quicksight_dashboard",
- "aws::quicksight::dataset": "aws_quicksight_data_set",
- "aws::quicksight::datasource": "aws_quicksight_data_source",
- "aws::quicksight::refreshschedule": "aws_quicksight_refresh_schedule",
- "aws::quicksight::template": "aws_quicksight_template",
- "aws::quicksight::theme": "aws_quicksight_theme",
- "aws::quicksight::topic": "",
- "aws::quicksight::vpcconnection": "",
- "aws::ram::permission": "",
- "aws::ram::resourceshare": "aws_ram_resource_share",
- "aws::rds::customdbengineversion": "",
- "aws::rds::dbcluster": "aws_rds_cluster",
- "aws::rds::dbclusterparametergroup": "aws_rds_cluster_parameter_group",
- "aws::rds::dbinstance": "aws_db_instance",
- "aws::rds::dbparametergroup": "aws_db_parameter_group",
- "aws::rds::dbproxy": "aws_db_proxy",
- "aws::rds::dbproxyendpoint": "aws_db_proxy_endpoint",
- "aws::rds::dbproxytargetgroup": "aws_db_proxy_default_target_group",
- "aws::rds::dbsecuritygroup": "",
- "aws::rds::dbsecuritygroupingress": "",
- "aws::rds::dbsubnetgroup": "aws_db_subnet_group",
- "aws::rds::eventsubscription": "",
- "aws::rds::globalcluster": "aws_rds_global_cluster",
- "aws::rds::integration": "aws_rds_integration",
- "aws::rds::optiongroup": "aws_db_option_group",
- "aws::redshift::cluster": "aws_redshift_cluster",
- "aws::redshift::clusterparametergroup": "",
- "aws::redshift::clustersecuritygroup": "",
- "aws::redshift::clustersecuritygroupingress": "",
- "aws::redshift::clustersubnetgroup": "",
- "aws::redshift::endpointaccess": "aws_redshift_endpoint_access",
- "aws::redshift::endpointauthorization": "aws_redshift_endpoint_authorization",
- "aws::redshift::eventsubscription": "aws_redshift_event_subscription",
- "aws::redshift::scheduledaction": "aws_redshift_scheduled_action",
- "aws::redshiftserverless::namespace": "aws_redshiftserverless_namespace",
- "aws::redshiftserverless::workgroup": "aws_redshiftserverless_workgroup",
- "aws::refactorspaces::application": "",
- "aws::refactorspaces::environment": "",
- "aws::refactorspaces::route": "",
- "aws::refactorspaces::service": "",
- "aws::rekognition::collection": "aws_rekognition_collection",
- "aws::rekognition::project": "aws_rekognition_project",
- "aws::rekognition::streamprocessor": "aws_rekognition_stream_processor",
- "aws::resiliencehub::app": "",
- "aws::resiliencehub::resiliencypolicy": "",
- "aws::resourceexplorer2::defaultviewassociation": "",
- "aws::resourceexplorer2::index": "aws_resourceexplorer2_index",
- "aws::resourceexplorer2::view": "aws_resourceexplorer2_view",
- "aws::resourcegroups::group": "aws_resourcegroups_group",
- "aws::robomaker::fleet": "",
- "aws::robomaker::robot": "",
- "aws::robomaker::robotapplication": "",
- "aws::robomaker::robotapplicationversion": "",
- "aws::robomaker::simulationapplication": "",
- "aws::robomaker::simulationapplicationversion": "",
- "aws::rolesanywhere::crl": "",
- "aws::rolesanywhere::profile": "aws_rolesanywhere_profile",
- "aws::rolesanywhere::trustanchor": "aws_rolesanywhere_trust_anchor",
- "aws::route53::cidrcollection": "aws_route53_cidr_collection",
- "aws::route53::dnssec": "aws_route53_hosted_zone_dnssec",
- "aws::route53::healthcheck": "aws_route53_health_check",
- "aws::route53::hostedzone": "aws_route53_zone",
- "aws::route53::keysigningkey": "aws_route53_key_signing_key",
- "aws::route53::recordset": "aws_route53_record",
- "aws::route53::recordsetgroup": "",
- "aws::route53profiles::profile": "",
- "aws::route53profiles::profileassociation": "",
- "aws::route53profiles::profileresourceassociation": "",
- "aws::route53recoverycontrol::cluster": "aws_route53recoverycontrolconfig_cluster",
- "aws::route53recoverycontrol::controlpanel": "aws_route53recoverycontrolconfig_control_panel",
- "aws::route53recoverycontrol::routingcontrol": "aws_route53recoverycontrolconfig_routing_control", //nolint:lll
- "aws::route53recoverycontrol::safetyrule": "aws_route53recoverycontrolconfig_safety_rule",
- "aws::route53recoveryreadiness::cell": "aws_route53recoveryreadiness_cell",
- "aws::route53recoveryreadiness::readinesscheck": "aws_route53recoveryreadiness_readiness_check",
- "aws::route53recoveryreadiness::recoverygroup": "aws_route53recoveryreadiness_recovery_group",
- "aws::route53recoveryreadiness::resourceset": "aws_route53recoveryreadiness_resource_set",
- "aws::route53resolver::firewalldomainlist": "",
- "aws::route53resolver::firewallrulegroup": "",
- "aws::route53resolver::firewallrulegroupassociation": "",
- "aws::route53resolver::outpostresolver": "",
- "aws::route53resolver::resolverconfig": "aws_route53_resolver_config",
- "aws::route53resolver::resolverdnssecconfig": "",
- "aws::route53resolver::resolverendpoint": "aws_route53_resolver_endpoint",
- "aws::route53resolver::resolverqueryloggingconfig": "aws_route53_resolver_query_log_config",
- "aws::route53resolver::resolverqueryloggingconfigassociation": "aws_route53_resolver_query_log_config_association",
- "aws::route53resolver::resolverrule": "aws_route53_resolver_rule",
- "aws::route53resolver::resolverruleassociation": "aws_route53_resolver_rule_association",
- "aws::rum::appmonitor": "aws_rum_app_monitor",
- "aws::s3::accessgrant": "aws_s3control_access_grant",
- "aws::s3::accessgrantsinstance": "aws_s3control_access_grants_instance",
- "aws::s3::accessgrantslocation": "aws_s3control_access_grants_location",
- "aws::s3::accesspoint": "aws_s3_access_point",
- "aws::s3::bucket": "aws_s3_bucket",
- "aws::s3::bucketpolicy": "aws_s3_bucket_policy",
- "aws::s3::multiregionaccesspoint": "aws_s3control_multi_region_access_point",
- "aws::s3::multiregionaccesspointpolicy": "aws_s3control_multi_region_access_point_policy",
- "aws::s3::storagelens": "",
- "aws::s3::storagelensgroup": "",
- "aws::s3express::bucketpolicy": "",
- "aws::s3express::directorybucket": "",
- "aws::s3objectlambda::accesspoint": "",
- "aws::s3objectlambda::accesspointpolicy": "",
- "aws::s3outposts::accesspoint": "",
- "aws::s3outposts::bucket": "",
- "aws::s3outposts::bucketpolicy": "",
- "aws::s3outposts::endpoint": "aws_s3outposts_endpoint",
- "aws::sagemaker::app": "aws_sagemaker_app",
- "aws::sagemaker::appimageconfig": "aws_sagemaker_app_image_config",
- "aws::sagemaker::coderepository": "aws_sagemaker_code_repository",
- "aws::sagemaker::dataqualityjobdefinition": "aws_sagemaker_data_quality_job_definition",
- "aws::sagemaker::device": "aws_sagemaker_device",
- "aws::sagemaker::devicefleet": "aws_sagemaker_device_fleet",
- "aws::sagemaker::domain": "aws_sagemaker_domain",
- "aws::sagemaker::endpoint": "aws_sagemaker_endpoint",
- "aws::sagemaker::endpointconfig": "aws_sagemaker_endpoint_configuration",
- "aws::sagemaker::featuregroup": "aws_sagemaker_feature_group",
- "aws::sagemaker::image": "aws_sagemaker_image",
- "aws::sagemaker::imageversion": "aws_sagemaker_image_version",
- "aws::sagemaker::inferencecomponent": "",
- "aws::sagemaker::inferenceexperiment": "",
- "aws::sagemaker::mlflowtrackingserver": "",
- "aws::sagemaker::model": "aws_sagemaker_model",
- "aws::sagemaker::modelbiasjobdefinition": "",
- "aws::sagemaker::modelcard": "",
- "aws::sagemaker::modelexplainabilityjobdefinition": "",
- "aws::sagemaker::modelpackage": "",
- "aws::sagemaker::modelpackagegroup": "aws_sagemaker_model_package_group",
- "aws::sagemaker::modelqualityjobdefinition": "",
- "aws::sagemaker::monitoringschedule": "aws_sagemaker_monitoring_schedule",
- "aws::sagemaker::notebookinstance": "aws_sagemaker_notebook_instance",
- "aws::sagemaker::notebookinstancelifecycleconfig": "aws_sagemaker_notebook_instance_lifecycle_configuration",
- "aws::sagemaker::pipeline": "aws_sagemaker_pipeline",
- "aws::sagemaker::project": "aws_sagemaker_project",
- "aws::sagemaker::space": "",
- "aws::sagemaker::userprofile": "aws_sagemaker_user_profile",
- "aws::sagemaker::workteam": "aws_sagemaker_workteam",
- "aws::scheduler::schedule": "aws_scheduler_schedule",
- "aws::scheduler::schedulegroup": "aws_scheduler_schedule_group",
- "aws::sdb::domain": "aws_simpledb_domain",
- "aws::secretsmanager::resourcepolicy": "aws_secretsmanager_secret_policy",
- "aws::secretsmanager::rotationschedule": "aws_secretsmanager_secret_rotation",
- "aws::secretsmanager::secret": "aws_secrets_manager_secret",
- "aws::secretsmanager::secrettargetattachment": "",
- "aws::securityhub::automationrule": "aws_securityhub_automation_rule",
- "aws::securityhub::configurationpolicy": "aws_securityhub_configuration_policy",
- "aws::securityhub::delegatedadmin": "",
- "aws::securityhub::findingaggregator": "aws_securityhub_finding_aggregator",
- "aws::securityhub::hub": "",
- "aws::securityhub::insight": "aws_securityhub_insight",
- "aws::securityhub::organizationconfiguration": "aws_securityhub_organization_configuration",
- "aws::securityhub::policyassociation": "",
- "aws::securityhub::productsubscription": "aws_securityhub_product_subscription",
- "aws::securityhub::securitycontrol": "",
- "aws::securityhub::standard": "aws_securityhub_standards_control",
- "aws::securitylake::awslogsource": "aws_securitylake_aws_log_source",
- "aws::securitylake::datalake": "aws_securitylake_data_lake",
- "aws::securitylake::subscriber": "aws_securitylake_subscriber",
- "aws::securitylake::subscribernotification": "aws_securitylake_subscriber_notification",
- "aws::servicecatalog::acceptedportfolioshare": "",
- "aws::servicecatalog::cloudformationproduct": "",
- "aws::servicecatalog::cloudformationprovisionedproduct": "",
- "aws::servicecatalog::launchnotificationconstraint": "",
- "aws::servicecatalog::launchroleconstraint": "",
- "aws::servicecatalog::launchtemplateconstraint": "",
- "aws::servicecatalog::portfolio": "aws_service_catalog_portfolio",
- "aws::servicecatalog::portfolioprincipalassociation": "",
- "aws::servicecatalog::portfolioproductassociation": "aws_service_catalog_product_portfolio_association",
- "aws::servicecatalog::portfolioshare": "aws_service_catalog_portfolio_share",
- "aws::servicecatalog::resourceupdateconstraint": "",
- "aws::servicecatalog::serviceaction": "aws_servicecatalog_service_action",
- "aws::servicecatalog::serviceactionassociation": "",
- "aws::servicecatalog::stacksetconstraint": "",
- "aws::servicecatalog::tagoption": "aws_service_catalog_tag_option",
- "aws::servicecatalog::tagoptionassociation": "aws_service_catalog_tag_option_association",
- "aws::servicecatalogappregistry::application": "aws_servicecatalogappregistry_application",
- "aws::servicecatalogappregistry::attributegroup": "",
- "aws::servicecatalogappregistry::attributegroupassociation": "",
- "aws::servicecatalogappregistry::resourceassociation": "",
- "aws::servicediscovery::httpnamespace": "aws_service_discovery_http_namespace",
- "aws::servicediscovery::instance": "aws_service_discovery_instance",
- "aws::servicediscovery::privatednsnamespace": "aws_service_discovery_private_dns_namespace",
- "aws::servicediscovery::publicdnsnamespace": "aws_service_discovery_public_dns_namespace",
- "aws::servicediscovery::service": "aws_service_discovery_service",
- "aws::ses::configurationset": "aws_ses_configuration_set",
- "aws::ses::configurationseteventdestination": "",
- "aws::ses::contactlist": "",
- "aws::ses::dedicatedippool": "",
- "aws::ses::emailidentity": "",
- "aws::ses::mailmanageraddoninstance": "",
- "aws::ses::mailmanageraddonsubscription": "",
- "aws::ses::mailmanagerarchive": "",
- "aws::ses::mailmanageringresspoint": "",
- "aws::ses::mailmanagerrelay": "",
- "aws::ses::mailmanagerruleset": "",
- "aws::ses::mailmanagertrafficpolicy": "",
- "aws::ses::receiptfilter": "aws_ses_receipt_filter",
- "aws::ses::receiptrule": "aws_ses_receipt_rule",
- "aws::ses::receiptruleset": "",
- "aws::ses::template": "aws_ses_template",
- "aws::ses::vdmattributes": "",
- "aws::shield::drtaccess": "",
- "aws::shield::proactiveengagement": "aws_shield_proactive_engagement",
- "aws::shield::protection": "aws_shield_protection",
- "aws::shield::protectiongroup": "aws_shield_protection_group",
- "aws::signer::profilepermission": "",
- "aws::signer::signingprofile": "",
- "aws::simspaceweaver::simulation": "",
- "aws::sns::subscription": "aws_sns_subscription",
- "aws::sns::topic": "aws_sns_topic",
- "aws::sns::topicinlinepolicy": "",
- "aws::sns::topicpolicy": "aws_sns_topic_policy",
- "aws::sqs::queue": "aws_sqs_queue",
- "aws::sqs::queueinlinepolicy": "",
- "aws::sqs::queuepolicy": "aws_sqs_queue_policy",
- "aws::ssm::association": "aws_ssm_association",
- "aws::ssm::document": "aws_ssm_document",
- "aws::ssm::maintenancewindow": "aws_ssm_maintenance_window",
- "aws::ssm::maintenancewindowtarget": "aws_ssm_maintenance_window_target",
- "aws::ssm::maintenancewindowtask": "aws_ssm_maintenance_window_task",
- "aws::ssm::parameter": "aws_ssm_parameter",
- "aws::ssm::patchbaseline": "aws_ssm_patch_baseline",
- "aws::ssm::resourcedatasync": "aws_ssm_resource_data_sync",
- "aws::ssm::resourcepolicy": "",
- "aws::ssmcontacts::contact": "aws_ssmcontacts_contact",
- "aws::ssmcontacts::contactchannel": "aws_ssmcontacts_contact_channel",
- "aws::ssmcontacts::plan": "aws_ssmcontacts_plan",
- "aws::ssmcontacts::rotation": "aws_ssmcontacts_rotation",
- "aws::ssmincidents::replicationset": "aws_ssmincidents_replication_set",
- "aws::ssmincidents::responseplan": "aws_ssmincidents_response_plan",
- "aws::sso::application": "aws_ssoadmin_application",
- "aws::sso::applicationassignment": "aws_ssoadmin_application_assignment",
- "aws::sso::assignment": "",
- "aws::sso::instance": "",
- "aws::sso::instanceaccesscontrolattributeconfiguration": "",
- "aws::sso::permissionset": "aws_ssoadmin_permission_set",
- "aws::stepfunctions::activity": "aws_sfn_activity",
- "aws::stepfunctions::statemachine": "aws_sfn_state_machine",
- "aws::stepfunctions::statemachinealias": "aws_sfn_alias",
- "aws::supportapp::accountalias": "",
- "aws::supportapp::slackchannelconfiguration": "",
- "aws::supportapp::slackworkspaceconfiguration": "",
- "aws::synthetics::canary": "aws_synthetics_canary",
- "aws::synthetics::group": "aws_synthetics_group",
- "aws::systemsmanagersap::application": "",
- "aws::timestream::database": "aws_timestreamwrite_database",
- "aws::timestream::influxdbinstance": "aws_timestreaminfluxdb_db_instance",
- "aws::timestream::scheduledquery": "",
- "aws::timestream::table": "aws_timestreamwrite_table",
- "aws::transfer::agreement": "aws_transfer_agreement",
- "aws::transfer::certificate": "aws_transfer_certificate",
- "aws::transfer::connector": "aws_transfer_connector",
- "aws::transfer::profile": "aws_transfer_profile",
- "aws::transfer::server": "aws_transfer_server",
- "aws::transfer::user": "aws_transfer_user",
- "aws::transfer::workflow": "aws_transfer_workflow",
- "aws::verifiedpermissions::identitysource": "aws_verifiedpermissions_identity_source",
- "aws::verifiedpermissions::policy": "aws_verifiedpermissions_policy",
- "aws::verifiedpermissions::policystore": "aws_verifiedpermissions_policy_store",
- "aws::verifiedpermissions::policytemplate": "aws_verifiedpermissions_policy_template",
- "aws::voiceid::domain": "",
- "aws::vpclattice::accesslogsubscription": "aws_vpclattice_access_log_subscription",
- "aws::vpclattice::authpolicy": "aws_vpclattice_auth_policy",
- "aws::vpclattice::listener": "aws_vpclattice_listener",
- "aws::vpclattice::resourcepolicy": "aws_vpclattice_resource_policy",
- "aws::vpclattice::rule": "aws_vpclattice_listener_rule",
- "aws::vpclattice::service": "aws_vpclattice_service",
- "aws::vpclattice::servicenetwork": "aws_vpclattice_service_network",
- "aws::vpclattice::servicenetworkserviceassociation": "aws_vpclattice_service_network_service_association", //nolint:lll
- "aws::vpclattice::servicenetworkvpcassociation": "aws_vpclattice_service_network_vpc_association",
- "aws::vpclattice::targetgroup": "aws_vpclattice_target_group",
- "aws::waf::bytematchset": "aws_waf_byte_match_set",
- "aws::waf::ipset": "aws_waf_ipset",
- "aws::waf::rule": "aws_waf_rule",
- "aws::waf::sizeconstraintset": "aws_waf_size_constraint_set",
- "aws::waf::sqlinjectionmatchset": "aws_waf_sql_injection_match_set",
- "aws::waf::webacl": "aws_waf_web_acl",
- "aws::waf::xssmatchset": "aws_waf_xss_match_set",
- "aws::wafregional::bytematchset": "aws_wafregional_byte_match_set",
- "aws::wafregional::geomatchset": "aws_wafregional_geo_match_set",
- "aws::wafregional::ipset": "aws_wafregional_ipset",
- "aws::wafregional::ratebasedrule": "aws_wafregional_rate_based_rule",
- "aws::wafregional::regexpatternset": "aws_wafregional_regex_match_set",
- "aws::wafregional::rule": "aws_wafregional_rule",
- "aws::wafregional::sizeconstraintset": "aws_wafregional_size_constraint_set",
- "aws::wafregional::sqlinjectionmatchset": "aws_wafregional_sql_injection_match_set",
- "aws::wafregional::webacl": "aws_wafregional_web_acl",
- "aws::wafregional::webaclassociation": "aws_wafregional_web_acl_association",
- "aws::wafregional::xssmatchset": "aws_wafregional_xss_match_set",
- "aws::wafv2::ipset": "aws_wafv2_ip_set",
- "aws::wafv2::loggingconfiguration": "",
- "aws::wafv2::regexpatternset": "aws_wafv2_regex_pattern_set",
- "aws::wafv2::rulegroup": "aws_wafv2_rule_group",
- "aws::wafv2::webacl": "aws_wafv2_web_acl",
- "aws::wafv2::webaclassociation": "aws_wafv2_webacl_association",
- "aws::wisdom::assistant": "",
- "aws::wisdom::assistantassociation": "",
- "aws::wisdom::knowledgebase": "",
- "aws::workspaces::connectionalias": "aws_workspaces_connection_alias",
- "aws::workspaces::workspace": "aws_workspaces_workspace",
- "aws::workspaces::workspacespool": "",
- "aws::workspacesthinclient::environment": "",
- "aws::workspacesweb::browsersettings": "",
- "aws::workspacesweb::identityprovider": "",
- "aws::workspacesweb::ipaccesssettings": "",
- "aws::workspacesweb::networksettings": "",
- "aws::workspacesweb::portal": "",
- "aws::workspacesweb::truststore": "",
- "aws::workspacesweb::useraccessloggingsettings": "",
- "aws::workspacesweb::usersettings": "",
- "aws::xray::group": "aws_xray_group",
- "aws::xray::resourcepolicy": "",
- "aws::xray::samplingrule": "aws_xray_sampling_rule",
- // add more
- "microsoft.aad/domainservices": "azurerm_active_directory_domain_service",
- "microsoft.analysisservices/servers": "azurerm_analysis_services_server",
- "microsoft.apimanagement/service": "azurerm_api_management",
- "microsoft.app/containerapps": "azurerm_container_app",
- "microsoft.app/managedenvironments": "azurerm_container_app_environment",
- "microsoft.authorization/roleassignments": "azurerm_role_assignment",
- "microsoft.authorization/roledefinitions": "azurerm_role_definition",
- "microsoft.cognitiveservices/accounts": "azurerm_cognitive_account",
- "microsoft.compute/availabilitysets": "azurerm_availability_set",
- "microsoft.compute/disks": "azurerm_managed_disk",
- "microsoft.compute/virtualmachines": "azurerm_virtual_machine",
- "microsoft.compute/virtualmachines/extensions": "azurerm_virtual_machine_extension",
- "microsoft.compute/virtualmachinescalesets": "azurerm_linux_virtual_machine_scale_set",
- "microsoft.containerregistry/registries": "azurerm_container_registry",
- "microsoft.containerservice/managedclusters": "azurerm_kubernetes_cluster",
- "microsoft.documentdb/databaseaccounts": "azurerm_cosmosdb_account",
- "microsoft.insights/activitylogalerts": "azurerm_monitor_activity_log_alert",
- "microsoft.keyvault/vaults": "azurerm_key_vault",
- "microsoft.managedidentity/userassignedidentities": "azurerm_user_assigned_identity",
- "microsoft.network/applicationgateways": "azurerm_application_gateway",
- "microsoft.network/applicationgateways/authenticationcertificates": "azurerm_application_gateway",
- "microsoft.network/applicationgateways/backendaddresspools": "azurerm_network_interface_application_gateway_backend_address_pool_association", //nolint:lll
- "microsoft.network/applicationgateways/backendhttpsettingscollection": "azurerm_application_gateway",
- "microsoft.network/applicationgateways/frontendipconfigurations": "azurerm_application_gateway",
- "microsoft.network/applicationgateways/frontendports": "azurerm_application_gateway",
- "microsoft.network/applicationgateways/httplisteners": "azurerm_application_gateway",
- "microsoft.network/applicationgateways/sslcertificates": "azurerm_application_gateway",
- "microsoft.network/applicationgatewaywebapplicationfirewallpolicies": "azurerm_web_application_firewall_policy",
- "microsoft.network/bastionhosts": "azurerm_bastion_host",
- "microsoft.network/networkinterfaces": "azurerm_network_interface",
- "microsoft.network/networksecuritygroups": "azurerm_network_security_group",
- "microsoft.network/networksecuritygroups/securityrules": "azurerm_network_security_rule",
- "microsoft.network/privatednszones": "azurerm_private_dns_zone",
- "microsoft.network/privateendpoints": "azurerm_private_endpoint",
- "microsoft.network/privateendpoints/privatednszonegroups": "azurerm_private_endpoint",
- "microsoft.network/publicipaddresses": "azurerm_public_ip",
- "microsoft.network/virtualnetworks": "azurerm_virtual_network",
- "microsoft.network/virtualnetworks/subnets": "azurerm_subnet",
- "microsoft.operationalinsights/workspaces": "azurerm_log_analytics_workspace",
- "microsoft.operationsmanagement/solutions": "azurerm_log_analytics_solution",
- "microsoft.resources/deployments": "azurerm_template_deployment",
- "microsoft.servicebus/namespaces": "azurerm_servicebus_namespace",
- "microsoft.servicebus/namespaces/authorizationRules": "azurerm_servicebus_namespace_authorization_rule", //nolint:lll
- "microsoft.servicebus/namespaces/queues": "azurerm_servicebus_queue",
- "microsoft.storage/storageaccounts": "azurerm_storage_account",
+ if resource == "" {
+ return nil, &missingResourceError{
+ Resource: resource,
+ }
}
+ var result string
+
if reverse {
- Reversed := reverseMap(Lookup)
+ Reversed := reverseMap(lookupMapping)
result = Reversed[resource]
} else {
- result = Lookup[strings.TrimSuffix(strings.ToLower(resource), "/")]
+ result = lookupMapping[strings.TrimSuffix(strings.ToLower(resource), "/")]
}
- var err error
-
if result == "" {
return nil, &missingResourceError{
Resource: resource,
}
}
- return &result, err
+ return &result, nil
}
+// reverseMap creates a new map with keys and values swapped.
+// It assumes unique values in the input map to avoid conflicts.
func reverseMap(m map[string]string) map[string]string {
n := make(map[string]string, len(m))
for k, v := range m {
diff --git a/src/see/lookup_test.go b/src/see/lookup_test.go
index 34a788d..4a8c25a 100644
--- a/src/see/lookup_test.go
+++ b/src/see/lookup_test.go
@@ -1,8 +1,18 @@
package see
import (
+ "archive/zip"
+ "encoding/json"
+ "fmt"
+ "io"
+ "net/http"
+ "os"
+ "path/filepath"
"reflect"
+ "strings"
"testing"
+
+ "github.com/rs/zerolog/log"
)
func TestLookup(t *testing.T) {
@@ -16,6 +26,7 @@ func TestLookup(t *testing.T) {
result := "aws_appautoscaling_target"
myServiceBus := "azurerm_servicebus_namespace"
reverse := "aws::efs::filesystem"
+ none := "none"
tests := []struct {
name string
@@ -24,6 +35,7 @@ func TestLookup(t *testing.T) {
wantErr bool
}{
{name: "Pass", args: args{"AWS::ApplicationAutoScaling::ScalableTarget", false}, want: &result, wantErr: false},
+ {name: "None", args: args{"alexa::ask::skill", false}, want: &none, wantErr: false},
{name: "Pass", args: args{"Microsoft.ServiceBus/namespaces/", false}, want: &myServiceBus, wantErr: false},
{name: "Fail", args: args{"AWS::Guff::Guffing", false}, want: nil, wantErr: true},
{name: "Reverse", args: args{resource: "aws_efs_file_system", reverse: true}, want: &reverse, wantErr: false},
@@ -48,3 +60,147 @@ func TestLookup(t *testing.T) {
})
}
}
+
+func extract(filename string, destination string) error {
+ archive, err := zip.OpenReader(filename)
+ if err != nil {
+ panic(err)
+ }
+ defer archive.Close()
+
+ for _, f := range archive.File {
+ filePath := filepath.Join(destination, f.Name)
+
+ if !strings.HasPrefix(filePath, filepath.Clean(destination)+string(os.PathSeparator)) {
+ return fmt.Errorf("invalid file path")
+ }
+
+ if f.FileInfo().IsDir() {
+ fmt.Println("creating directory...")
+ _ = os.MkdirAll(filePath, os.ModePerm)
+ continue
+ }
+
+ if err := os.MkdirAll(filepath.Dir(filePath), os.ModePerm); err != nil {
+ panic(err)
+ }
+
+ dstFile, err := os.OpenFile(filePath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, f.Mode())
+ if err != nil {
+ return err
+ }
+
+ fileInArchive, err := f.Open()
+ if err != nil {
+ return err
+ }
+
+ if _, err := io.Copy(dstFile, fileInArchive); err != nil {
+ return err
+ }
+
+ err = dstFile.Close()
+ if err != nil {
+ return err
+ }
+
+ err = fileInArchive.Close()
+ if err != nil {
+ return err
+ }
+ }
+
+ return nil
+}
+
+func UpdateSchema(directory string) {
+ zipArchive := "schema.zip"
+ destination := filepath.Join(directory, zipArchive)
+ err := DownloadFile(
+ "https://schema.cloudformation.us-east-1.amazonaws.com/CloudformationSchema.zip", destination)
+
+ if err != nil {
+ log.Fatal().Msg("failed to update schema")
+ }
+
+ err = extract(destination, directory)
+ if err != nil {
+ return
+ }
+}
+
+func TestLookupAll(t *testing.T) {
+ t.Parallel()
+ directory := "../../schema"
+
+ UpdateSchema(directory)
+
+ files, err := os.ReadDir(directory)
+
+ if err != nil {
+ log.Warn().Msgf("failed to find files at %s", directory)
+ }
+
+ for _, file := range files {
+ //has file extension JSON
+ //has lookup
+ if strings.Contains(file.Name(), ".json") {
+ fileName := filepath.Join(directory, file.Name())
+ content, err := os.ReadFile(fileName)
+ if err != nil {
+ log.Warn().Msgf("file is empty %s", file.Name())
+ }
+
+ var result map[string]interface{}
+ err = json.Unmarshal(content, &result)
+
+ if err != nil {
+ log.Error().Msgf("failed to parse %s", fileName)
+ return
+ }
+
+ typeName := strings.ToLower(result["typeName"].(string))
+
+ _, err = Lookup(typeName, false)
+
+ if err != nil {
+
+ var s strings.Builder
+ s.WriteString("\"")
+ s.WriteString(typeName)
+ s.WriteString("\": \"\",")
+ fmt.Println(s.String())
+ t.Errorf("Lookup incomplete %s", typeName)
+ }
+ }
+ }
+
+ // got, err := Lookup(tt.args.resource, tt.args.reverse)
+
+}
+
+func DownloadFile(url string, filepath string) error {
+ // Create the file
+ out, err := os.Create(filepath)
+ if err != nil {
+ return err
+ }
+
+ defer out.Close()
+
+ // Get the data
+ resp, err := http.Get(url)
+ if err != nil {
+ return err
+ }
+
+ defer resp.Body.Close()
+
+ // Write the body to file
+ _, err = io.Copy(out, resp.Body)
+ if err != nil {
+ return err
+ }
+
+ return nil
+}
diff --git a/src/see/resource_mapping.go b/src/see/resource_mapping.go
new file mode 100644
index 0000000..eb63e8b
--- /dev/null
+++ b/src/see/resource_mapping.go
@@ -0,0 +1,1452 @@
+package see
+
+//goland:noinspection GoLinter
+var lookupMapping = map[string]string{
+ "alexa::ask::skill": none,
+ "aws::accessanalyzer::analyzer": "aws_accessanalyzer_analyzer",
+ "aws::acmpca::certificate": "aws_acmpca_certificate",
+ "aws::acmpca::certificateauthority": "aws_acmpca_certificate_authority",
+ "aws::acmpca::certificateauthorityactivation": "aws_acmpca_certificate_authority_certificate",
+ "aws::acmpca::permission": "aws_acmpca_permission",
+ "aws::amazonmq::broker": "aws_mq_broker",
+ "aws::amazonmq::configuration": "aws_mq_configuration",
+ "aws::amazonmq::configurationassociation": "aws_mq_broker",
+ "aws::amplify::app": "aws_amplify_app",
+ "aws::amplify::branch": "aws_amplify_branch",
+ "aws::amplify::domain": "aws_amplify_domain",
+ "aws::amplifyuibuilder::component": none,
+ "aws::amplifyuibuilder::form": none,
+ "aws::amplifyuibuilder::theme": none,
+ "aws::apigateway::account": "aws_api_gateway_account",
+ "aws::apigateway::apikey": "aws_api_gateway_api_key",
+ "aws::apigateway::authorizer": "aws_api_gateway_authorizer",
+ "aws::apigateway::basepathmapping": "aws_api_gateway_base_path_mapping",
+ "aws::apigateway::basepathmappingv2": none,
+ "aws::apigateway::clientcertificate": "aws_api_gateway_client_certificate",
+ "aws::apigateway::deployment": "aws_api_gateway_deployment",
+ "aws::apigateway::documentationpart": "aws_api_gateway_documentation_part",
+ "aws::apigateway::documentationversion": "aws_api_gateway_documentation_version",
+ "aws::apigateway::domainname": "aws_api_gateway_domain_name",
+ "aws::apigateway::domainnameaccessassociation": none,
+ "aws::apigateway::domainnamev2": none,
+ "aws::apigateway::gatewayresponse": "aws_api_gateway_gateway_response",
+ "aws::apigateway::method": "aws_api_gateway_method",
+ "aws::apigateway::model": "aws_api_gateway_model",
+ "aws::apigateway::requestvalidator": "aws_api_gateway_request_validator",
+ "aws::apigateway::resource": "aws_api_gateway_resource",
+ "aws::apigateway::restapi": "aws_api_gateway_rest_api",
+ "aws::apigateway::stage": "aws_api_gateway_stage",
+ "aws::apigateway::usageplan": "aws_api_gateway_usage_plan",
+ "aws::apigateway::usageplankey": "aws_api_gateway_usage_plan_key",
+ "aws::apigateway::vpclink": "aws_api_gateway_vpc_link",
+ "aws::apigatewayv2::api": "aws_apigatewayv2_api",
+ "aws::apigatewayv2::apigatewaymanagedoverrides": none,
+ "aws::apigatewayv2::apimapping": "aws_apigatewayv2_api_mapping",
+ "aws::apigatewayv2::authorizer": "aws_apigatewayv2_authorizer",
+ "aws::apigatewayv2::deployment": "aws_apigatewayv2_deployment",
+ "aws::apigatewayv2::domainname": "aws_apigatewayv2_domain_name",
+ "aws::apigatewayv2::integration": "aws_apigatewayv2_integration",
+ "aws::apigatewayv2::integrationresponse": "aws_apigatewayv2_integration_response",
+ "aws::apigatewayv2::model": "aws_apigatewayv2_model",
+ "aws::apigatewayv2::route": "aws_apigatewayv2_route",
+ "aws::apigatewayv2::routeresponse": "aws_apigatewayv2_route_response",
+ "aws::apigatewayv2::stage": "aws_apigatewayv2_stage",
+ "aws::apigatewayv2::vpclink": "aws_apigatewayv2_vpc_link",
+ "aws::appconfig::application": "aws_appconfig_application",
+ "aws::appconfig::configurationprofile": "aws_appconfig_configuration_profile",
+ "aws::appconfig::deployment": "aws_appconfig_deployment",
+ "aws::appconfig::deploymentstrategy": "aws_appconfig_deployment_strategy",
+ "aws::appconfig::environment": "aws_appconfig_environment",
+ "aws::appconfig::extension": "aws_appconfig_extension",
+ "aws::appconfig::extensionassociation": "aws_appconfig_extension_association",
+ "aws::appconfig::hostedconfigurationversion": "aws_appconfig_hosted_configuration_version",
+ "aws::appflow::connector": none,
+ "aws::appflow::connectorprofile": "aws_appflow_connector_profile",
+ "aws::appflow::flow": "aws_appflow_flow",
+ "aws::appintegrations::application": none,
+ "aws::appintegrations::dataintegration": "aws_appintegrations_data_integration",
+ "aws::appintegrations::eventintegration": "aws_appintegrations_event_integration",
+ "aws::applicationautoscaling::scalabletarget": "aws_appautoscaling_target",
+ "aws::applicationautoscaling::scalingpolicy": "aws_appAutoscaling_policy",
+ "aws::applicationinsights::application": "aws_applicationinsights_application",
+ "aws::applicationsignals::discovery": none,
+ "aws::applicationsignals::servicelevelobjective": none,
+ "aws::appmesh::gatewayroute": "aws_appmesh_gateway_route",
+ "aws::appmesh::mesh": "aws_appmesh_mesh",
+ "aws::appmesh::route": "aws_appmesh_route",
+ "aws::appmesh::virtualgateway": "aws_appmesh_virtual_gateway",
+ "aws::appmesh::virtualnode": "aws_appmesh_virtual_node",
+ "aws::appmesh::virtualrouter": "aws_appmesh_virtual_router",
+ "aws::appmesh::virtualservice": "aws_appmesh_virtual_service",
+ "aws::apprunner::autoscalingconfiguration": "aws_apprunner_auto_scaling_configuration_version",
+ "aws::apprunner::observabilityconfiguration": "aws_apprunner_observability_configuration",
+ "aws::apprunner::service": "aws_apprunner_service",
+ "aws::apprunner::vpcconnector": "aws_apprunner_vpc_connector",
+ "aws::apprunner::vpcingressconnection": "aws_apprunner_vpc_ingress_connection",
+ "aws::appstream::appblock": none,
+ "aws::appstream::appblockbuilder": none,
+ "aws::appstream::application": none,
+ "aws::appstream::applicationentitlementassociation": none,
+ "aws::appstream::applicationfleetassociation": none,
+ "aws::appstream::directoryconfig": none,
+ "aws::appstream::entitlement": none,
+ "aws::appstream::fleet": "aws_appstream_fleet",
+ "aws::appstream::imagebuilder": "aws_appstream_image_builder",
+ "aws::appstream::stack": "aws_appstream_stack",
+ "aws::appstream::stackfleetassociation": "aws_appstream_fleet_stack_association",
+ "aws::appstream::stackuserassociation": "aws_appstream_user_stack_association",
+ "aws::appstream::user": "aws_appstream_user",
+ "aws::appsync::api": none,
+ "aws::appsync::apicache": "aws_appsync_api_cache",
+ "aws::appsync::apikey": "aws_appsync_api_key",
+ "aws::appsync::channelnamespace": none,
+ "aws::appsync::datasource": "aws_appsync_datasource",
+ "aws::appsync::domainname": "aws_appsync_domain_name",
+ "aws::appsync::domainnameapiassociation": "aws_appsync_domain_name_api_association",
+ "aws::appsync::functionconfiguration": "aws_appsync_function",
+ "aws::appsync::graphqlapi": "aws_appsync_graphql_api",
+ "aws::appsync::graphqlschema": none,
+ "aws::appsync::resolver": "aws_appsync_resolver",
+ "aws::appsync::sourceapiassociation": "aws_appsync_resolver_api_association",
+ "aws::apptest::testcase": none,
+ "aws::aps::rulegroupsnamespace": none,
+ "aws::aps::scraper": none,
+ "aws::aps::workspace": none,
+ "aws::arczonalshift::autoshiftobservernotificationstatus": none,
+ "aws::arczonalshift::zonalautoshiftconfiguration": none,
+ "aws::athena::capacityreservation": none,
+ "aws::athena::datacatalog": "aws_athena_data_catalog",
+ "aws::athena::namedquery": "aws_athena_named_query",
+ "aws::athena::preparedstatement": "aws_athena_prepared_statement",
+ "aws::athena::workgroup": "aws_athena_workgroup",
+ "aws::auditmanager::assessment": "aws_auditmanager_assessment",
+ "aws::autoscaling::autoscalinggroup": "aws_autoscaling_group",
+ "aws::autoscaling::launchconfiguration": "aws_launch_configuration",
+ "aws::autoscaling::lifecyclehook": "aws_autoscaling_lifecycle_hook",
+ "aws::autoscaling::scalingpolicy": "aws_autoscaling_policy",
+ "aws::autoscaling::scheduledaction": "aws_autoscaling_schedule",
+ "aws::autoscaling::warmpool": none,
+ "aws::autoscalingplans::scalingplan": "aws_autoscalingplans_scaling_plan",
+ "aws::b2bi::capability": none,
+ "aws::b2bi::partnership": none,
+ "aws::b2bi::profile": none,
+ "aws::b2bi::transformer": none,
+ "aws::backup::backupplan": "aws_backup_plan",
+ "aws::backup::backupselection": "aws_backup_selection",
+ "aws::backup::backupvault": "aws_backup_vault",
+ "aws::backup::framework": "aws_backup_framework",
+ "aws::backup::logicallyairgappedbackupvault": "aws_backup_logically_air_gapped_vault",
+ "aws::backup::reportplan": "aws_backup_report_plan",
+ "aws::backup::restoretestingplan": none,
+ "aws::backup::restoretestingselection": none,
+ "aws::backupgateway::hypervisor": none,
+ "aws::batch::computeenvironment": "aws_batch_compute_environment",
+ "aws::batch::consumableresource": none,
+ "aws::batch::jobdefinition": "aws_batch_job_definition",
+ "aws::batch::jobqueue": "aws_batch_job_queue",
+ "aws::batch::schedulingpolicy": "aws_batch_scheduling_policy",
+ "aws::bcmdataexports::export": "aws_bcmdataexports_export",
+ "aws::bedrock::agent": "aws_bedrockagent_agent",
+ "aws::bedrock::agentalias": "aws_bedrockagent_agent_alias",
+ "aws::bedrock::applicationinferenceprofile": none,
+ "aws::bedrock::blueprint": none,
+ "aws::bedrock::dataautomationproject": none,
+ "aws::bedrock::datasource": "aws_bedrockagent_data_source",
+ "aws::bedrock::flow": none,
+ "aws::bedrock::flowalias": none,
+ "aws::bedrock::flowversion": none,
+ "aws::bedrock::guardrail": none,
+ "aws::bedrock::guardrailversion": none,
+ "aws::bedrock::knowledgebase": "aws_bedrockagent_knowledge_base",
+ "aws::bedrock::prompt": none,
+ "aws::bedrock::promptversion": none,
+ "aws::billingconductor::billinggroup": none,
+ "aws::billingconductor::customlineitem": none,
+ "aws::billingconductor::pricingplan": none,
+ "aws::billingconductor::pricingrule": none,
+ "aws::budgets::budget": "aws_budgets_budget",
+ "aws::budgets::budgetsaction": "aws_budgets_budget_action",
+ "aws::cassandra::keyspace": "aws_keyspaces_keyspace",
+ "aws::cassandra::table": "aws_keyspaces_table",
+ "aws::cassandra::type": none,
+ "aws::ce::anomalymonitor": "aws_ce_anomaly_monitor",
+ "aws::ce::anomalysubscription": "aws_ce_anomaly_subscription",
+ "aws::ce::costcategory": "aws_ce_cost_category",
+ "aws::certificatemanager::account": none,
+ "aws::certificatemanager::certificate": "aws_acm_certificate",
+ "aws::chatbot::customaction": none,
+ "aws::chatbot::microsoftteamschannelconfiguration": "aws_chatbot_teams_channel_configuration",
+ "aws::chatbot::slackchannelconfiguration": "aws_chatbot_slack_channel_configuration",
+ "aws::cleanrooms::analysistemplate": none,
+ "aws::cleanrooms::collaboration": "aws_cleanrooms_collaboration",
+ "aws::cleanrooms::configuredtable": "aws_cleanrooms_configured_table",
+ "aws::cleanrooms::configuredtableassociation": none,
+ "aws::cleanrooms::idmappingtable": none,
+ "aws::cleanrooms::idnamespaceassociation": none,
+ "aws::cleanrooms::membership": none,
+ "aws::cleanrooms::privacybudgettemplate": none,
+ "aws::cleanroomsml::trainingdataset": none,
+ "aws::cloud9::environmentec2": "aws_cloud9_environment_ec2",
+ "aws::cloudformation::customresource": none,
+ "aws::cloudformation::guardhook": none,
+ "aws::cloudformation::hookdefaultversion": none,
+ "aws::cloudformation::hooktypeconfig": none,
+ "aws::cloudformation::hookversion": none,
+ "aws::cloudformation::lambdahook": none,
+ "aws::cloudformation::macro": none,
+ "aws::cloudformation::moduledefaultversion": none,
+ "aws::cloudformation::moduleversion": none,
+ "aws::cloudformation::publictypeversion": none,
+ "aws::cloudformation::publisher": none,
+ "aws::cloudformation::resourcedefaultversion": none,
+ "aws::cloudformation::resourceversion": none,
+ "aws::cloudformation::stack": "aws_cloudformation_stack",
+ "aws::cloudformation::stackset": "aws_cloudformation_stack_set",
+ "aws::cloudformation::typeactivation": none,
+ "aws::cloudformation::waitcondition": none,
+ "aws::cloudformation::waitconditionhandle": none,
+ "aws::cloudfront::anycastiplist": none,
+ "aws::cloudfront::cachepolicy": "aws_cloudfront_cache_policy",
+ "aws::cloudfront::cloudfrontoriginaccessidentity": "aws_cloudfront_origin_access_identity",
+ "aws::cloudfront::continuousdeploymentpolicy": "aws_cloudfront_continuous_deployment_policy",
+ "aws::cloudfront::distribution": "aws_cloudfront_distribution",
+ "aws::cloudfront::function": "aws_cloudfront_function",
+ "aws::cloudfront::keygroup": "aws_cloudfront_key_group",
+ "aws::cloudfront::keyvaluestore": "aws_cloudfront_key_value_store",
+ "aws::cloudfront::monitoringsubscription": "aws_cloudfront_monitoring_subscription",
+ "aws::cloudfront::originaccesscontrol": "aws_cloudfront_origin_access_control",
+ "aws::cloudfront::originrequestpolicy": "aws_cloudfront_origin_request_policy",
+ "aws::cloudfront::publickey": "aws_cloudfront_public_key",
+ "aws::cloudfront::realtimelogconfig": "aws_cloudfront_realtime_log_config",
+ "aws::cloudfront::responseheaderspolicy": "aws_cloudfront_response_headers_policy",
+ "aws::cloudfront::streamingdistribution": none,
+ "aws::cloudfront::vpcorigin": "aws_cloudfront_vpc_origin",
+ "aws::cloudtrail::channel": none,
+ "aws::cloudtrail::dashboard": none,
+ "aws::cloudtrail::eventdatastore": "aws_cloudtrail_event_data_store",
+ "aws::cloudtrail::resourcepolicy": none,
+ "aws::cloudtrail::trail": none,
+ "aws::cloudwatch::alarm": "aws_cloudwatch_metric_alarm",
+ "aws::cloudwatch::anomalydetector": none,
+ "aws::cloudwatch::compositealarm": "aws_cloudwatch_composite_alarm",
+ "aws::cloudwatch::dashboard": "aws_cloudwatch_dashboard",
+ "aws::cloudwatch::insightrule": none,
+ "aws::cloudwatch::metricstream": "aws_cloudwatch_metric_stream",
+ "aws::codeartifact::domain": "aws_codeartifact_domain",
+ "aws::codeartifact::packagegroup": none,
+ "aws::codeartifact::repository": "aws_codeartifact_repository",
+ "aws::codebuild::fleet": none,
+ "aws::codebuild::project": "aws_codebuild_project",
+ "aws::codebuild::reportgroup": "aws_codebuild_report_group",
+ "aws::codebuild::sourcecredential": "aws_codebuild_source_credential",
+ "aws::codecommit::repository": "aws_codecommit_repository",
+ "aws::codeconnections::connection": none,
+ "aws::codedeploy::application": "aws_codedeploy_app",
+ "aws::codedeploy::deploymentconfig": "aws_codedeploy_deployment_config",
+ "aws::codedeploy::deploymentgroup": "aws_codedeploy_deployment_group",
+ "aws::codeguruprofiler::profilinggroup": "aws_codeguruprofiler_profiling_group",
+ "aws::codegurureviewer::repositoryassociation": "aws_codegurureviewer_repository_association",
+ "aws::codepipeline::customactiontype": "aws_codepipeline_custom_action_type",
+ "aws::codepipeline::pipeline": "aws_codepipeline",
+ "aws::codepipeline::webhook": "aws_codepipeline_webhook",
+ "aws::codestar::githubrepository": none,
+ "aws::codestarconnections::connection": "aws_codestarconnections_connection",
+ "aws::codestarconnections::repositorylink": none,
+ "aws::codestarconnections::syncconfiguration": none,
+ "aws::codestarnotifications::notificationrule": "aws_codestarnotifications_notification_rule",
+ "aws::cognito::identitypool": "aws_cognito_identity_pool",
+ "aws::cognito::identitypoolprincipaltag": "aws_cognito_identity_pool_provider_principal_tag",
+ "aws::cognito::identitypoolroleattachment": "aws_cognito_identity_pool_roles_attachment",
+ "aws::cognito::logdeliveryconfiguration": none,
+ "aws::cognito::managedloginbranding": none,
+ "aws::cognito::userpool": "aws_cognito_user_pool",
+ "aws::cognito::userpoolclient": "aws_cognito_user_pool_client",
+ "aws::cognito::userpooldomain": "aws_cognito_user_pool_domain",
+ "aws::cognito::userpoolgroup": none,
+ "aws::cognito::userpoolidentityprovider": "aws_cognito_identity_provider",
+ "aws::cognito::userpoolresourceserver": "aws_cognito_resource_server",
+ "aws::cognito::userpoolriskconfigurationattachment": none,
+ "aws::cognito::userpooluicustomizationattachment": "aws_cognito_user_pool_ui_customization",
+ "aws::cognito::userpooluser": none,
+ "aws::cognito::userpoolusertogroupattachment": none,
+ "aws::comprehend::documentclassifier": "aws_comprehend_document_classifier",
+ "aws::comprehend::flywheel": none,
+ "aws::config::aggregationauthorization": "aws_config_aggregate_authorization",
+ "aws::config::configrule": "aws_config_config_rule",
+ "aws::config::configurationaggregator": "aws_config_configuration_aggregator",
+ "aws::config::configurationrecorder": "aws_config_configuration_recorder",
+ "aws::config::conformancepack": "aws_config_conformance_pack",
+ "aws::config::deliverychannel": "aws_config_delivery_channel",
+ "aws::config::organizationconfigrule": "aws_config_organization_custom_policy_rule",
+ "aws::config::organizationconformancepack": "aws_config_organization_conformance_pack",
+ "aws::config::remediationconfiguration": "aws_config_remediation_configuration",
+ "aws::config::storedquery": none,
+ "aws::connect::agentstatus": none,
+ "aws::connect::approvedorigin": none,
+ "aws::connect::contactflow": "aws_connect_contact_flow",
+ "aws::connect::contactflowmodule": "aws_connect_contact_flow_module",
+ "aws::connect::contactflowversion": "aws_connect_contact_flow",
+ "aws::connect::emailaddress": none,
+ "aws::connect::evaluationform": none,
+ "aws::connect::hoursofoperation": "aws_connect_hours_of_operation",
+ "aws::connect::instance": "aws_connect_instance",
+ "aws::connect::instancestorageconfig": none,
+ "aws::connect::integrationassociation": none,
+ "aws::connect::phonenumber": "aws_connect_phone_number",
+ "aws::connect::predefinedattribute": none,
+ "aws::connect::prompt": none,
+ "aws::connect::queue": "aws_connect_queue",
+ "aws::connect::quickconnect": "aws_connect_quick_connect",
+ "aws::connect::routingprofile": "aws_connect_routing_profile",
+ "aws::connect::rule": none,
+ "aws::connect::securitykey": none,
+ "aws::connect::securityprofile": "aws_connect_security_profile",
+ "aws::connect::tasktemplate": none,
+ "aws::connect::trafficdistributiongroup": none,
+ "aws::connect::user": "aws_connect_user",
+ "aws::connect::userhierarchygroup": "aws_connect_user_hierarchy_group",
+ "aws::connect::userhierarchystructure": "aws_connect_user_hierarchy_structure",
+ "aws::connect::view": none,
+ "aws::connect::viewversion": none,
+ "aws::connectcampaigns::campaign": none,
+ "aws::connectcampaignsv2::campaign": none,
+ "aws::controltower::enabledbaseline": none,
+ "aws::controltower::enabledcontrol": "aws_controltower_control",
+ "aws::controltower::landingzone": "aws_controltower_landing_zone",
+ "aws::cur::reportdefinition": "aws_cur_report_definition",
+ "aws::customerprofiles::calculatedattributedefinition": none,
+ "aws::customerprofiles::domain": none,
+ "aws::customerprofiles::eventstream": none,
+ "aws::customerprofiles::eventtrigger": none,
+ "aws::customerprofiles::integration": none,
+ "aws::customerprofiles::objecttype": none,
+ "aws::customerprofiles::segmentdefinition": none,
+ "aws::databrew::dataset": none,
+ "aws::databrew::job": none,
+ "aws::databrew::project": none,
+ "aws::databrew::recipe": none,
+ "aws::databrew::ruleset": none,
+ "aws::databrew::schedule": none,
+ "aws::datapipeline::pipeline": "aws_datapipeline_pipeline",
+ "aws::datasync::agent": "aws_datasync_agent",
+ "aws::datasync::locationazureblob": "aws_datasync_location_azure_blob",
+ "aws::datasync::locationefs": "aws_datasync_location_efs",
+ "aws::datasync::locationfsxlustre": "aws_datasync_location_fsx_lustre_file_system", //nolint:lll
+ "aws::datasync::locationfsxontap": "aws_datasync_location_fsx_ontap_file_system", //nolint:lll
+ "aws::datasync::locationfsxopenzfs": "aws_datasync_location_fsx_openzfs_file_system", //nolint:lll
+ "aws::datasync::locationfsxwindows": "aws_datasync_location_fsx_windows_file_system", //nolint:lll
+ "aws::datasync::locationhdfs": "aws_datasync_location_hdfs",
+ "aws::datasync::locationnfs": "aws_datasync_location_nfs",
+ "aws::datasync::locationobjectstorage": "aws_datasync_location_object_storage",
+ "aws::datasync::locations3": "aws_datasync_location_s3",
+ "aws::datasync::locationsmb": "aws_datasync_location_smb",
+ "aws::datasync::storagesystem": none,
+ "aws::datasync::task": "aws_datasync_task",
+ "aws::datazone::connection": none,
+ "aws::datazone::datasource": none,
+ "aws::datazone::domain": "aws_datazone_domain",
+ "aws::datazone::environment": none,
+ "aws::datazone::environmentactions": none,
+ "aws::datazone::environmentblueprintconfiguration": "aws_datazone_environment_blueprint_configuration", //nolint:lll
+ "aws::datazone::environmentprofile": none,
+ "aws::datazone::groupprofile": none,
+ "aws::datazone::project": "aws_datazone_project",
+ "aws::datazone::projectmembership": none,
+ "aws::datazone::subscriptiontarget": none,
+ "aws::datazone::userprofile": none,
+ "aws::dax::cluster": "aws_dax_cluster",
+ "aws::dax::parametergroup": "aws_dax_parameter_group",
+ "aws::dax::subnetgroup": "aws_dax_subnet_group",
+ "aws::deadline::farm": none,
+ "aws::deadline::fleet": none,
+ "aws::deadline::licenseendpoint": none,
+ "aws::deadline::limit": none,
+ "aws::deadline::meteredproduct": none,
+ "aws::deadline::monitor": none,
+ "aws::deadline::queue": none,
+ "aws::deadline::queueenvironment": none,
+ "aws::deadline::queuefleetassociation": none,
+ "aws::deadline::queuelimitassociation": none,
+ "aws::deadline::storageprofile": none,
+ "aws::detective::graph": "aws_detective_graph",
+ "aws::detective::memberinvitation": "aws_detective_invitation_accepter",
+ "aws::detective::organizationadmin": "aws_detective_organization_admin_account",
+ "aws::devopsguru::loganomalydetectionintegration": none,
+ "aws::devopsguru::notificationchannel": "aws_devopsguru_notification_channel",
+ "aws::devopsguru::resourcecollection": "aws_devopsguru_resource_collection",
+ "aws::directoryservice::microsoftad": "aws_directory_service_directory",
+ "aws::directoryservice::simplead": "aws_directory_service_directory",
+ "aws::dlm::lifecyclepolicy": "aws_dlm_lifecycle_policy",
+ "aws::dms::certificate": "aws_dms_certificate",
+ "aws::dms::datamigration": none,
+ "aws::dms::dataprovider": none,
+ "aws::dms::endpoint": "aws_dms_endpoint",
+ "aws::dms::eventsubscription": "aws_dms_event_subscription",
+ "aws::dms::instanceprofile": none,
+ "aws::dms::migrationproject": none,
+ "aws::dms::replicationconfig": "aws_dms_replication_config",
+ "aws::dms::replicationinstance": "aws_dms_replication_instance",
+ "aws::dms::replicationsubnetgroup": "aws_dms_replication_subnet_group",
+ "aws::dms::replicationtask": "aws_dms_replication_task",
+ "aws::docdb::dbcluster": "aws_docdb_cluster",
+ "aws::docdb::dbclusterparametergroup": "aws_docdb_cluster_parameter_group",
+ "aws::docdb::dbinstance": "aws_docdb_cluster_instance",
+ "aws::docdb::dbsubnetgroup": "aws_docdb_subnet_group",
+ "aws::docdb::eventsubscription": "aws_docdb_event_subscription",
+ "aws::docdbelastic::cluster": "aws_docdbelastic_cluster",
+ "aws::dynamodb::globaltable": "aws_dynamodb_global_table",
+ "aws::dynamodb::table": "aws_dynamodb_table",
+ "aws::ec2::capacityreservation": "aws_ec2_capacity_reservation",
+ "aws::ec2::capacityreservationfleet": none,
+ "aws::ec2::carriergateway": none,
+ "aws::ec2::clientvpnauthorizationrule": none,
+ "aws::ec2::clientvpnendpoint": none,
+ "aws::ec2::clientvpnroute": none,
+ "aws::ec2::clientvpntargetnetworkassociation": none,
+ "aws::ec2::customergateway": none,
+ "aws::ec2::dhcpoptions": "aws_vpc_dhcp_options",
+ "aws::ec2::ec2fleet": none,
+ "aws::ec2::egressonlyinternetgateway": none,
+ "aws::ec2::eip": "aws_eip",
+ "aws::ec2::eipassociation": "aws_eip_association",
+ "aws::ec2::enclavecertificateiamroleassociation": none,
+ "aws::ec2::flowlog": "aws_flow_log",
+ "aws::ec2::gatewayroutetableassociation": none,
+ "aws::ec2::host": "aws_ec2_host",
+ "aws::ec2::instance": "aws_instance",
+ "aws::ec2::instanceconnectendpoint": none,
+ "aws::ec2::internetgateway": "aws_Internet_gateway",
+ "aws::ec2::ipam": "aws_vpc_ipam",
+ "aws::ec2::ipamallocation": none,
+ "aws::ec2::ipampool": "aws_vpc_ipam_pool",
+ "aws::ec2::ipampoolcidr": "aws_vpc_ipam_pool_cidr",
+ "aws::ec2::ipamresourcediscovery": "aws_vpc_ipam_resource_discovery",
+ "aws::ec2::ipamresourcediscoveryassociation": "aws_vpc_ipam_resource_discovery_association",
+ "aws::ec2::ipamscope": "aws_vpc_ipam_scope",
+ "aws::ec2::keypair": "aws_key_pair",
+ "aws::ec2::launchtemplate": "aws_launch_template",
+ "aws::ec2::localgatewayroute": "aws_ec2_local_gateway_route",
+ "aws::ec2::localgatewayroutetable": "aws_ec2_local_gateway_route_table_vpc_association",
+ "aws::ec2::localgatewayroutetablevirtualinterfacegroupassociation": none,
+ "aws::ec2::localgatewayroutetablevpcassociation": none,
+ "aws::ec2::natgateway": "aws_nat_gateway",
+ "aws::ec2::networkacl": "aws_network_acl",
+ "aws::ec2::networkaclentry": "aws_network_acl_rule",
+ "aws::ec2::networkinsightsaccessscope": none,
+ "aws::ec2::networkinsightsaccessscopeanalysis": none,
+ "aws::ec2::networkinsightsanalysis": "aws_ec2_network_insights_analysis",
+ "aws::ec2::networkinsightspath": "aws_ec2_network_insights_path",
+ "aws::ec2::networkinterface": "aws_network_interface",
+ "aws::ec2::networkinterfaceattachment": "aws_network_interface_attachment",
+ "aws::ec2::networkinterfacepermission": none,
+ "aws::ec2::networkperformancemetricsubscription": none,
+ "aws::ec2::placementgroup": "aws_placement_group",
+ "aws::ec2::prefixlist": "aws_ec2_managed_prefix_list",
+ "aws::ec2::route": "aws_route",
+ "aws::ec2::routetable": "aws_route_table",
+ "aws::ec2::securitygroup": "aws_security_group",
+ "aws::ec2::securitygroupegress": "aws_security_group_rule_egress",
+ "aws::ec2::securitygroupingress": "aws_security_group_rule_ingress",
+ "aws::ec2::securitygroupvpcassociation": "aws_vpc_endpoint_security_group_association",
+ "aws::ec2::snapshotblockpublicaccess": none,
+ "aws::ec2::spotfleet": "aws_spot_fleet_request",
+ "aws::ec2::subnet": "aws_subnet",
+ "aws::ec2::subnetcidrblock": none,
+ "aws::ec2::subnetnetworkaclassociation": "aws_network_acl_association",
+ "aws::ec2::subnetroutetableassociation": "aws_route_table_association",
+ "aws::ec2::trafficmirrorfilter": "aws_ec2_traffic_mirror_filter",
+ "aws::ec2::trafficmirrorfilterrule": "aws_ec2_traffic_mirror_filter_rule",
+ "aws::ec2::trafficmirrorsession": "aws_ec2_traffic_mirror_session",
+ "aws::ec2::trafficmirrortarget": "aws_ec2_traffic_mirror_target",
+ "aws::ec2::transitgateway": "aws_ec2_transit_gateway",
+ "aws::ec2::transitgatewayattachment": "aws_ec2_transit_gateway",
+ "aws::ec2::transitgatewayconnect": "aws_ec2_transit_gateway_connect",
+ "aws::ec2::transitgatewaymulticastdomain": "aws_ec2_transit_gateway_multicast_domain",
+ "aws::ec2::transitgatewaymulticastdomainassociation": "aws_ec2_transit_gateway_multicast_domain_association", //nolint:lll
+ "aws::ec2::transitgatewaymulticastgroupmember": "aws_ec2_transit_gateway_multicast_group_member",
+ "aws::ec2::transitgatewaymulticastgroupsource": "aws_ec2_transit_gateway_multicast_group_source",
+ "aws::ec2::transitgatewaypeeringattachment": "aws_ec2_transit_gateway_peering_attachment",
+ "aws::ec2::transitgatewayroute": "aws_ec2_transit_gateway_route",
+ "aws::ec2::transitgatewayroutetable": "aws_ec2_transit_gateway_route_table",
+ "aws::ec2::transitgatewayroutetableassociation": "aws_ec2_transit_gateway_route_table_association",
+ "aws::ec2::transitgatewayroutetablepropagation": "aws_ec2_transit_gateway_route_table_propagation",
+ "aws::ec2::transitgatewayvpcattachment": "aws_ec2_transit_gateway_vpc_attachment",
+ "aws::ec2::verifiedaccessendpoint": "aws_verifiedaccess_endpoint",
+ "aws::ec2::verifiedaccessgroup": "aws_verifiedaccess_group",
+ "aws::ec2::verifiedaccessinstance": "aws_verifiedaccess_instance",
+ "aws::ec2::verifiedaccesstrustprovider": "aws_verifiedaccess_trust_provider",
+ "aws::ec2::volume": "aws_ebs_volume",
+ "aws::ec2::volumeattachment": "aws_volume_attachment",
+ "aws::ec2::vpc": "aws_vpc",
+ "aws::ec2::vpcblockpublicaccessexclusion": none,
+ "aws::ec2::vpcblockpublicaccessoptions": none,
+ "aws::ec2::vpccidrblock": none,
+ "aws::ec2::vpcdhcpoptionsassociation": "aws_vpc_dhcp_options_association",
+ "aws::ec2::vpcendpoint": "aws_vpc_endpoint",
+ "aws::ec2::vpcendpointconnectionnotification": "aws_vpc_endpoint_connection_notification",
+ "aws::ec2::vpcendpointservice": "aws_vpc_endpoint_service",
+ "aws::ec2::vpcendpointservicepermissions": none,
+ "aws::ec2::vpcgatewayattachment": "aws_vpn_gateway_attachment",
+ "aws::ec2::vpcpeeringconnection": "aws_vpc_peering_connection",
+ "aws::ec2::vpnconnection": "aws_vpn_connection",
+ "aws::ec2::vpnconnectionroute": "aws_vpn_connection_route",
+ "aws::ec2::vpngateway": "aws_vpn_gateway",
+ "aws::ec2::vpngatewayroutepropagation": "aws_vpn_gateway_route_propagation",
+ "aws::ecr::publicrepository": "aws_ecrpublic_repository",
+ "aws::ecr::pullthroughcacherule": "aws_ecr_pull_through_cache_rule",
+ "aws::ecr::registrypolicy": "aws_ecr_registry_policy",
+ "aws::ecr::replicationconfiguration": "aws_ecr_replication_configuration",
+ "aws::ecr::repository": "aws_ecr_repository",
+ "aws::ecr::repositorycreationtemplate": "aws_ecr_repository_creation_template",
+ "aws::ecs::capacityprovider": "aws_ecs_capacity_provider",
+ "aws::ecs::cluster": "aws_ecs_cluster",
+ "aws::ecs::clustercapacityproviderassociations": none,
+ "aws::ecs::primarytaskset": none,
+ "aws::ecs::service": "aws_ecs_service",
+ "aws::ecs::taskdefinition": "aws_ecs_task_definition",
+ "aws::ecs::taskset": "aws_ecs_task_set",
+ "aws::efs::accesspoint": "aws_efs_access_point",
+ "aws::efs::filesystem": "aws_efs_file_system",
+ "aws::efs::mounttarget": "aws_efs_mount_target",
+ "aws::eks::accessentry": "aws_eks_access_entry",
+ "aws::eks::addon": "aws_eks_addon",
+ "aws::eks::cluster": "aws_eks_cluster",
+ "aws::eks::fargateprofile": "aws_eks_fargate_profile",
+ "aws::eks::identityproviderconfig": "aws_eks_identity_provider_config",
+ "aws::eks::nodegroup": "aws_eks_node_group",
+ "aws::eks::podidentityassociation": "aws_eks_pod_identity_association",
+ "aws::elasticache::cachecluster": "aws_elasticache_cluster",
+ "aws::elasticache::globalreplicationgroup": "aws_elasticache_global_replication_group",
+ "aws::elasticache::parametergroup": "aws_elasticache_parameter_group",
+ "aws::elasticache::replicationgroup": "aws_elasticache_replication_group",
+ "aws::elasticache::securitygroup": none,
+ "aws::elasticache::securitygroupingress": none,
+ "aws::elasticache::serverlesscache": none,
+ "aws::elasticache::subnetgroup": "aws_elasticache_subnet_group",
+ "aws::elasticache::user": "aws_elasticache_user",
+ "aws::elasticache::usergroup": "aws_elasticache_user_group",
+ "aws::elasticbeanstalk::application": "aws_elastic_beanstalk_application",
+ "aws::elasticbeanstalk::applicationversion": "aws_elastic_beanstalk_application_version",
+ "aws::elasticbeanstalk::configurationtemplate": "aws_elastic_beanstalk_configuration_template",
+ "aws::elasticbeanstalk::environment": "aws_elastic_beanstalk_environment",
+ "aws::elasticloadbalancing::loadbalancer": "aws_elb",
+ "aws::elasticloadbalancingv2::listener": "aws_lb_listener",
+ "aws::elasticloadbalancingv2::listenercertificate": "aws_lb_listener_certificate",
+ "aws::elasticloadbalancingv2::listenerrule": "aws_lb_listener_rule",
+ "aws::elasticloadbalancingv2::loadbalancer": "aws_lb",
+ "aws::elasticloadbalancingv2::targetgroup": "aws_lb_target_group",
+ "aws::elasticloadbalancingv2::truststore": none,
+ "aws::elasticloadbalancingv2::truststorerevocation": none,
+ "aws::elasticsearch::domain": "aws_elasticsearch_domain",
+ "aws::emr::cluster": "aws_emr_cluster",
+ "aws::emr::instancefleetconfig": "aws_emr_instance_fleet",
+ "aws::emr::instancegroupconfig": "aws_emr_instance_group",
+ "aws::emr::securityconfiguration": "aws_emr_security_configuration",
+ "aws::emr::step": none,
+ "aws::emr::studio": "aws_emr_studio",
+ "aws::emr::studiosessionmapping": "aws_emr_studio_session_mapping",
+ "aws::emr::walworkspace": none,
+ "aws::emrcontainers::virtualcluster": "aws_emrcontainers_virtual_cluster",
+ "aws::emrserverless::application": "aws_emrserverless_application",
+ "aws::entityresolution::idmappingworkflow": none,
+ "aws::entityresolution::idnamespace": none,
+ "aws::entityresolution::matchingworkflow": none,
+ "aws::entityresolution::policystatement": none,
+ "aws::entityresolution::schemamapping": none,
+ "aws::events::apidestination": "aws_cloudwatch_event_api_destination",
+ "aws::events::archive": "aws_cloudwatch_event_archive",
+ "aws::events::connection": "aws_cloudwatch_event_connection",
+ "aws::events::endpoint": "aws_cloudwatch_event_endpoint",
+ "aws::events::eventbus": "aws_cloudwatch_event_bus",
+ "aws::events::eventbuspolicy": "aws_cloudwatch_event_bus_policy",
+ "aws::events::rule": "aws_cloudwatch_event_rule",
+ "aws::eventschemas::discoverer": "aws_schemas_discoverer",
+ "aws::eventschemas::registry": "aws_schemas_registry",
+ "aws::eventschemas::registrypolicy": "aws_schemas_registry_policy",
+ "aws::eventschemas::schema": "aws_schemas_schema",
+ "aws::evidently::experiment": none,
+ "aws::evidently::feature": "aws_evidently_feature",
+ "aws::evidently::launch": "aws_evidently_launch",
+ "aws::evidently::project": "aws_evidently_project",
+ "aws::evidently::segment": "aws_evidently_segment",
+ "aws::finspace::environment": "aws_finspace_kx_environment",
+ "aws::fis::experimenttemplate": "aws_fis_experiment_template",
+ "aws::fis::targetaccountconfiguration": none,
+ "aws::fms::notificationchannel": none,
+ "aws::fms::policy": "aws_fms_policy",
+ "aws::fms::resourceset": "aws_fms_resource_set",
+ "aws::forecast::dataset": none,
+ "aws::forecast::datasetgroup": none,
+ "aws::frauddetector::detector": none,
+ "aws::frauddetector::entitytype": none,
+ "aws::frauddetector::eventtype": none,
+ "aws::frauddetector::label": none,
+ "aws::frauddetector::list": none,
+ "aws::frauddetector::outcome": none,
+ "aws::frauddetector::variable": none,
+ "aws::fsx::datarepositoryassociation": "aws_fsx_data_repository_association",
+ "aws::fsx::filesystem": "aws_fsx_ontap_file_system",
+ "aws::fsx::snapshot": "aws_fsx_openzfs_snapshot",
+ "aws::fsx::storagevirtualmachine": "aws_fsx_ontap_storage_virtual_machine",
+ "aws::fsx::volume": "aws_fsx_ontap_volume",
+ "aws::gamelift::alias": "aws_gamelift_alias",
+ "aws::gamelift::build": "aws_gamelift_build",
+ "aws::gamelift::containerfleet": none,
+ "aws::gamelift::containergroupdefinition": none,
+ "aws::gamelift::fleet": "aws_gamelift_fleet",
+ "aws::gamelift::gameservergroup": "aws_gamelift_game_server_group",
+ "aws::gamelift::gamesessionqueue": "aws_gamelift_game_session_queue",
+ "aws::gamelift::location": none,
+ "aws::gamelift::matchmakingconfiguration": none,
+ "aws::gamelift::matchmakingruleset": none,
+ "aws::gamelift::script": "aws_gamelift_script",
+ "aws::globalaccelerator::accelerator": "aws_globalaccelerator_accelerator",
+ "aws::globalaccelerator::crossaccountattachment": "aws_globalaccelerator_cross_account_attachment",
+ "aws::globalaccelerator::endpointgroup": "aws_globalaccelerator_endpoint_group",
+ "aws::globalaccelerator::listener": "aws_globalaccelerator_listener",
+ "aws::glue::classifier": "aws_glue_classifier",
+ "aws::glue::connection": "aws_glue_connection",
+ "aws::glue::crawler": "aws_glue_crawler",
+ "aws::glue::customentitytype": none,
+ "aws::glue::database": "aws_glue_catalog_database",
+ "aws::glue::datacatalogencryptionsettings": "aws_glue_data_catalog_encryption_settings",
+ "aws::glue::dataqualityruleset": "aws_glue_data_quality_ruleset",
+ "aws::glue::devendpoint": "aws_glue_dev_endpoint",
+ "aws::glue::job": "aws_glue_job",
+ "aws::glue::mltransform": "aws_glue_ml_transform",
+ "aws::glue::partition": "aws_glue_partition",
+ "aws::glue::registry": "aws_glue_registry",
+ "aws::glue::schema": "aws_glue_schema",
+ "aws::glue::schemaversion": none,
+ "aws::glue::schemaversionmetadata": none,
+ "aws::glue::securityconfiguration": "aws_glue_security_configuration",
+ "aws::glue::table": "aws_glue_catalog_table",
+ "aws::glue::tableoptimizer": none,
+ "aws::glue::trigger": "aws_glue_trigger",
+ "aws::glue::usageprofile": none,
+ "aws::glue::workflow": "aws_glue_workflow",
+ "aws::grafana::workspace": none,
+ "aws::greengrass::connectordefinition": none,
+ "aws::greengrass::connectordefinitionversion": none,
+ "aws::greengrass::coredefinition": none,
+ "aws::greengrass::coredefinitionversion": none,
+ "aws::greengrass::devicedefinition": none,
+ "aws::greengrass::devicedefinitionversion": none,
+ "aws::greengrass::functiondefinition": none,
+ "aws::greengrass::functiondefinitionversion": none,
+ "aws::greengrass::group": none,
+ "aws::greengrass::groupversion": none,
+ "aws::greengrass::loggerdefinition": none,
+ "aws::greengrass::loggerdefinitionversion": none,
+ "aws::greengrass::resourcedefinition": none,
+ "aws::greengrass::resourcedefinitionversion": none,
+ "aws::greengrass::subscriptiondefinition": none,
+ "aws::greengrass::subscriptiondefinitionversion": none,
+ "aws::greengrassv2::componentversion": none,
+ "aws::greengrassv2::deployment": none,
+ "aws::groundstation::config": none,
+ "aws::groundstation::dataflowendpointgroup": none,
+ "aws::groundstation::missionprofile": none,
+ "aws::guardduty::detector": "aws_guardduty_detector",
+ "aws::guardduty::filter": "aws_guardduty_filter",
+ "aws::guardduty::ipset": "aws_guardduty_ipset",
+ "aws::guardduty::malwareprotectionplan": "aws_guardduty_malware_protection_plan",
+ "aws::guardduty::master": none,
+ "aws::guardduty::member": "aws_guardduty_member",
+ "aws::guardduty::publishingdestination": "aws_guardduty_publishing_destination",
+ "aws::guardduty::threatintelset": "aws_guardduty_threatintelset",
+ "aws::healthimaging::datastore": none,
+ "aws::healthlake::fhirdatastore": none,
+ "aws::iam::accessKey": "aws_iam_access_key",
+ "aws::iam::accesskey": "aws_iam_access_key",
+ "aws::iam::group": "aws_iam_group",
+ "aws::iam::grouppolicy": "aws_iam_group_policy",
+ "aws::iam::instanceprofile": "aws_iam_instance_profile",
+ "aws::iam::managedpolicy": "aws_iam_managed_policy",
+ "aws::iam::oidcprovider": none,
+ "aws::iam::policy": "aws_iam_policy",
+ "aws::iam::role": "aws_iam_role",
+ "aws::iam::rolepolicy": "aws_iam_role_policy",
+ "aws::iam::samlprovider": "aws_iam_saml_provider",
+ "aws::iam::servercertificate": "aws_iam_server_certificate",
+ "aws::iam::servicelinkedrole": "aws_iam_service_linked_role",
+ "aws::iam::user": "aws_iam_user",
+ "aws::iam::userpolicy": "aws_iam_user",
+ "aws::iam::usertogroupaddition": "aws_iam_group_membership",
+ "aws::iam::virtualmfadevice": "aws_iam_virtual_mfa_device",
+ "aws::identitystore::group": none,
+ "aws::identitystore::groupmembership": none,
+ "aws::imagebuilder::component": "aws_imagebuilder_component",
+ "aws::imagebuilder::containerrecipe": "aws_imagebuilder_container_recipe",
+ "aws::imagebuilder::distributionconfiguration": "aws_imagebuilder_distribution_configuration",
+ "aws::imagebuilder::image": "aws_imagebuilder_image",
+ "aws::imagebuilder::imagepipeline": "aws_imagebuilder_image_pipeline",
+ "aws::imagebuilder::imagerecipe": "aws_imagebuilder_image_recipe",
+ "aws::imagebuilder::infrastructureconfiguration": "aws_imagebuilder_infrastructure_configuration",
+ "aws::imagebuilder::lifecyclepolicy": none,
+ "aws::imagebuilder::workflow": "aws_imagebuilder_workflow",
+ "aws::inspector::assessmenttarget": "aws_inspector_assessment_target",
+ "aws::inspector::assessmenttemplate": "aws_inspector_assessment_template",
+ "aws::inspector::resourcegroup": "aws_inspector_resource_group",
+ "aws::inspectorv2::cisscanconfiguration": none,
+ "aws::inspectorv2::filter": none,
+ "aws::internetmonitor::monitor": none,
+ "aws::invoicing::invoiceunit": none,
+ "aws::iot1click::device": none,
+ "aws::iot1click::placement": none,
+ "aws::iot1click::project": none,
+ "aws::iot::accountauditconfiguration": none,
+ "aws::iot::authorizer": "aws_iot_authorizer",
+ "aws::iot::billinggroup": "aws_iot_billing_group",
+ "aws::iot::cacertificate": "aws_iot_ca_certificate",
+ "aws::iot::certificate": "aws_iot_certificate",
+ "aws::iot::certificateprovider": none,
+ "aws::iot::command": none,
+ "aws::iot::custommetric": none,
+ "aws::iot::dimension": none,
+ "aws::iot::domainconfiguration": none,
+ "aws::iot::fleetmetric": none,
+ "aws::iot::jobtemplate": none,
+ "aws::iot::logging": none,
+ "aws::iot::mitigationaction": none,
+ "aws::iot::policy": "aws_iot_policy",
+ "aws::iot::policyprincipalattachment": "aws_iot_policy_attachment",
+ "aws::iot::provisioningtemplate": "aws_iot_provisioning_template",
+ "aws::iot::resourcespecificlogging": none,
+ "aws::iot::rolealias": "aws_iot_role_alias",
+ "aws::iot::scheduledaudit": none,
+ "aws::iot::securityprofile": none,
+ "aws::iot::softwarepackage": none,
+ "aws::iot::softwarepackageversion": none,
+ "aws::iot::thing": "aws_iot_thing",
+ "aws::iot::thinggroup": "aws_iot_thing_group",
+ "aws::iot::thingprincipalattachment": "aws_iot_thing_principal_attachment",
+ "aws::iot::thingtype": "aws_iot_thing_type",
+ "aws::iot::topicrule": "aws_iot_topic_rule",
+ "aws::iot::topicruledestination": "aws_iot_topic_rule_destination",
+ "aws::iotanalytics::channel": none,
+ "aws::iotanalytics::dataset": none,
+ "aws::iotanalytics::datastore": none,
+ "aws::iotanalytics::pipeline": none,
+ "aws::iotcoredeviceadvisor::suitedefinition": none,
+ "aws::iotevents::alarmmodel": none,
+ "aws::iotevents::detectormodel": none,
+ "aws::iotevents::input": none,
+ "aws::iotfleethub::application": none,
+ "aws::iotfleetwise::campaign": none,
+ "aws::iotfleetwise::decodermanifest": none,
+ "aws::iotfleetwise::fleet": none,
+ "aws::iotfleetwise::modelmanifest": none,
+ "aws::iotfleetwise::signalcatalog": none,
+ "aws::iotfleetwise::statetemplate": none,
+ "aws::iotfleetwise::vehicle": none,
+ "aws::iotsitewise::accesspolicy": none,
+ "aws::iotsitewise::asset": none,
+ "aws::iotsitewise::assetmodel": none,
+ "aws::iotsitewise::dashboard": none,
+ "aws::iotsitewise::gateway": none,
+ "aws::iotsitewise::portal": none,
+ "aws::iotsitewise::project": none,
+ "aws::iotthingsgraph::flowtemplate": none,
+ "aws::iottwinmaker::componenttype": none,
+ "aws::iottwinmaker::entity": none,
+ "aws::iottwinmaker::scene": none,
+ "aws::iottwinmaker::syncjob": none,
+ "aws::iottwinmaker::workspace": none,
+ "aws::iotwireless::destination": none,
+ "aws::iotwireless::deviceprofile": none,
+ "aws::iotwireless::fuotatask": none,
+ "aws::iotwireless::multicastgroup": none,
+ "aws::iotwireless::networkanalyzerconfiguration": none,
+ "aws::iotwireless::partneraccount": none,
+ "aws::iotwireless::serviceprofile": none,
+ "aws::iotwireless::taskdefinition": none,
+ "aws::iotwireless::wirelessdevice": none,
+ "aws::iotwireless::wirelessdeviceimporttask": none,
+ "aws::iotwireless::wirelessgateway": none,
+ "aws::ivs::channel": "aws_ivs_channel",
+ "aws::ivs::encoderconfiguration": none,
+ "aws::ivs::ingestconfiguration": none,
+ "aws::ivs::playbackkeypair": "aws_ivs_playback_key_pair",
+ "aws::ivs::playbackrestrictionpolicy": none,
+ "aws::ivs::publickey": none,
+ "aws::ivs::recordingconfiguration": "aws_ivs_recording_configuration",
+ "aws::ivs::stage": none,
+ "aws::ivs::storageconfiguration": none,
+ "aws::ivs::streamkey": none,
+ "aws::ivschat::loggingconfiguration": "aws_ivschat_logging_configuration",
+ "aws::ivschat::room": "aws_ivschat_room",
+ "aws::kafkaconnect::connector": none,
+ "aws::kafkaconnect::customplugin": none,
+ "aws::kafkaconnect::workerconfiguration": none,
+ "aws::kendra::datasource": "aws_kendra_data_source",
+ "aws::kendra::faq": "aws_kendra_faq",
+ "aws::kendra::index": "aws_kendra_index",
+ "aws::kendraranking::executionplan": none,
+ "aws::kinesis::resourcepolicy": "aws_kinesis_resource_policy",
+ "aws::kinesis::stream": "aws_kinesis_stream",
+ "aws::kinesis::streamconsumer": "aws_kinesis_stream_consumer",
+ "aws::kinesisanalytics::application": "aws_kinesis_analytics_application",
+ "aws::kinesisanalytics::applicationoutput": none,
+ "aws::kinesisanalytics::applicationreferencedatasource": none,
+ "aws::kinesisanalyticsv2::application": "aws_kinesisanalyticsv2_application",
+ "aws::kinesisanalyticsv2::applicationcloudwatchloggingoption": none,
+ "aws::kinesisanalyticsv2::applicationoutput": none,
+ "aws::kinesisanalyticsv2::applicationreferencedatasource": none,
+ "aws::kinesisfirehose::deliverystream": "aws_kinesis_firehose_delivery_stream",
+ "aws::kinesisvideo::signalingchannel": none,
+ "aws::kinesisvideo::stream": "aws_kinesis_video_stream",
+ "aws::kms::alias": "aws_kms_alias",
+ "aws::kms::key": "aws_kms_key",
+ "aws::kms::replicakey": "aws_kms_replica_key",
+ "aws::lakeformation::datacellsfilter": "aws_lakeformation_data_cells_filter",
+ "aws::lakeformation::datalakesettings": "aws_lakeformation_data_lake_settings",
+ "aws::lakeformation::permissions": "aws_lakeformation_permissions",
+ "aws::lakeformation::principalpermissions": none,
+ "aws::lakeformation::resource": "aws_lakeformation_resource",
+ "aws::lakeformation::tag": "aws_lakeformation_lf_tag",
+ "aws::lakeformation::tagassociation": none,
+ "aws::lambda::alias": "aws_lambda_alias",
+ "aws::lambda::codesigningconfig": "aws_lambda_code_signing_config",
+ "aws::lambda::eventinvokeconfig": "aws_lambda_function_event_invoke_config",
+ "aws::lambda::eventsourcemapping": "aws_lambda_event_source_mapping",
+ "aws::lambda::function": "aws_lambda_function",
+ "aws::lambda::layerversion": "aws_lambda_layer_version",
+ "aws::lambda::layerversionpermission": "aws_lambda_layer_version_permission",
+ "aws::lambda::permission": "aws_lambda_permission",
+ "aws::lambda::url": none,
+ "aws::lambda::version": "aws_lambda_version",
+ "aws::launchwizard::deployment": none,
+ "aws::lex::bot": "aws_lex_bot",
+ "aws::lex::botalias": "aws_lex_bot_alias",
+ "aws::lex::botversion": none,
+ "aws::lex::resourcepolicy": none,
+ "aws::licensemanager::grant": "aws_licensemanager_grant",
+ "aws::licensemanager::license": "aws_licensemanager_license_configuration",
+ "aws::lightsail::alarm": none,
+ "aws::lightsail::bucket": "aws_lightsail_bucket",
+ "aws::lightsail::certificate": "aws_lightsail_certificate",
+ "aws::lightsail::container": none,
+ "aws::lightsail::database": "aws_lightsail_database",
+ "aws::lightsail::disk": "aws_lightsail_disk",
+ "aws::lightsail::distribution": "aws_lightsail_distribution",
+ "aws::lightsail::instance": "aws_lightsail_instance",
+ "aws::lightsail::loadbalancer": "aws_lightsail_lb",
+ "aws::lightsail::loadbalancertlscertificate": none,
+ "aws::lightsail::staticip": "aws_lightsail_static_ip",
+ "aws::location::apikey": none,
+ "aws::location::geofencecollection": "aws_location_geofence_collection",
+ "aws::location::map": "aws_location_map",
+ "aws::location::placeindex": "aws_location_place_index",
+ "aws::location::routecalculator": "aws_location_route_calculator",
+ "aws::location::tracker": "aws_location_tracker",
+ "aws::location::trackerconsumer": none,
+ "aws::logs::accountpolicy": "aws_cloudwatch_log_account_policy",
+ "aws::logs::delivery": none,
+ "aws::logs::deliverydestination": none,
+ "aws::logs::deliverysource": none,
+ "aws::logs::destination": none,
+ "aws::logs::integration": none,
+ "aws::logs::loganomalydetector": none,
+ "aws::logs::loggroup": "aws_cloudwatch_loggroup",
+ "aws::logs::logstream": none,
+ "aws::logs::metricfilter": "aws_cloudwatch_log_metric_filter",
+ "aws::logs::querydefinition": none,
+ "aws::logs::resourcepolicy": "aws_cloudwatch_log_resource_policy",
+ "aws::logs::subscriptionfilter": none,
+ "aws::logs::transformer": none,
+ "aws::lookoutequipment::inferencescheduler": none,
+ "aws::lookoutmetrics::alert": none,
+ "aws::lookoutmetrics::anomalydetector": none,
+ "aws::lookoutvision::project": none,
+ "aws::m2::application": none,
+ "aws::m2::deployment": none,
+ "aws::m2::environment": none,
+ "aws::macie::allowlist": none,
+ "aws::macie::customdataidentifier": "aws_macie2_custom_data_identifier",
+ "aws::macie::findingsfilter": "aws_macie2_findings_filter",
+ "aws::macie::session": none,
+ "aws::managedblockchain::accessor": none,
+ "aws::managedblockchain::member": none,
+ "aws::managedblockchain::node": none,
+ "aws::mediaconnect::bridge": none,
+ "aws::mediaconnect::bridgeoutput": none,
+ "aws::mediaconnect::bridgesource": none,
+ "aws::mediaconnect::flow": none,
+ "aws::mediaconnect::flowentitlement": none,
+ "aws::mediaconnect::flowoutput": none,
+ "aws::mediaconnect::flowsource": none,
+ "aws::mediaconnect::flowvpcinterface": none,
+ "aws::mediaconnect::gateway": none,
+ "aws::mediaconvert::jobtemplate": none,
+ "aws::mediaconvert::preset": none,
+ "aws::mediaconvert::queue": "aws_media_convert_queue",
+ "aws::medialive::channel": "aws_medialive_channel",
+ "aws::medialive::channelplacementgroup": none,
+ "aws::medialive::cloudwatchalarmtemplate": none,
+ "aws::medialive::cloudwatchalarmtemplategroup": none,
+ "aws::medialive::cluster": none,
+ "aws::medialive::eventbridgeruletemplate": none,
+ "aws::medialive::eventbridgeruletemplategroup": none,
+ "aws::medialive::input": "aws_medialive_input",
+ "aws::medialive::inputsecuritygroup": "aws_medialive_input_security_group",
+ "aws::medialive::multiplex": "aws_medialive_multiplex",
+ "aws::medialive::multiplexprogram": "aws_medialive_multiplex_program",
+ "aws::medialive::network": none,
+ "aws::medialive::sdisource": none,
+ "aws::medialive::signalmap": none,
+ "aws::mediapackage::asset": none,
+ "aws::mediapackage::channel": "aws_media_package_channel",
+ "aws::mediapackage::originendpoint": none,
+ "aws::mediapackage::packagingconfiguration": none,
+ "aws::mediapackage::packaginggroup": none,
+ "aws::mediapackagev2::channel": none,
+ "aws::mediapackagev2::channelgroup": none,
+ "aws::mediapackagev2::channelpolicy": none,
+ "aws::mediapackagev2::originendpoint": none,
+ "aws::mediapackagev2::originendpointpolicy": none,
+ "aws::mediastore::container": "aws_media_store_container",
+ "aws::mediatailor::channel": none,
+ "aws::mediatailor::channelpolicy": none,
+ "aws::mediatailor::livesource": none,
+ "aws::mediatailor::playbackconfiguration": none,
+ "aws::mediatailor::sourcelocation": none,
+ "aws::mediatailor::vodsource": none,
+ "aws::memorydb::acl": "aws_memorydb_acl",
+ "aws::memorydb::cluster": "aws_memorydb_cluster",
+ "aws::memorydb::multiregioncluster": none,
+ "aws::memorydb::parametergroup": "aws_memorydb_parameter_group",
+ "aws::memorydb::subnetgroup": "aws_memorydb_subnet_group",
+ "aws::memorydb::user": none,
+ "aws::msk::batchscramsecret": none,
+ "aws::msk::cluster": "aws_msk_cluster",
+ "aws::msk::clusterpolicy": "aws_msk_cluster_policy",
+ "aws::msk::configuration": "aws_msk_configuration",
+ "aws::msk::replicator": "aws_msk_replicator",
+ "aws::msk::serverlesscluster": "aws_msk_serverless_cluster",
+ "aws::msk::vpcconnection": "aws_msk_vpc_connection",
+ "aws::mwaa::environment": "aws_mwaa_environment",
+ "aws::neptune::dbcluster": "aws_neptune_cluster",
+ "aws::neptune::dbclusterparametergroup": "aws_neptune_cluster_parameter_group",
+ "aws::neptune::dbinstance": "aws_neptune_cluster_instance",
+ "aws::neptune::dbparametergroup": "aws_neptune_parameter_group",
+ "aws::neptune::dbsubnetgroup": "aws_neptune_subnet_group",
+ "aws::neptune::eventsubscription": none,
+ "aws::neptunegraph::graph": none,
+ "aws::neptunegraph::privategraphendpoint": none,
+ "aws::networkfirewall::firewall": "aws_networkfirewall_firewall",
+ "aws::networkfirewall::firewallpolicy": "aws_networkfirewall_firewall_policy",
+ "aws::networkfirewall::loggingconfiguration": "aws_networkfirewall_logging_configuration",
+ "aws::networkfirewall::rulegroup": "aws_networkfirewall_rule_group",
+ "aws::networkfirewall::tlsinspectionconfiguration": "aws_networkfirewall_tls_inspection_configuration", //nolint:lll
+ "aws::networkmanager::connectattachment": "aws_networkmanager_connect_attachment",
+ "aws::networkmanager::connectpeer": "aws_networkmanager_connect_peer",
+ "aws::networkmanager::corenetwork": "aws_networkmanager_core_network",
+ "aws::networkmanager::customergatewayassociation": "aws_networkmanager_customer_gateway_association",
+ "aws::networkmanager::device": "aws_networkmanager_device",
+ "aws::networkmanager::directconnectgatewayattachment": "aws_networkmanager_dx_gateway_attachment",
+ "aws::networkmanager::globalnetwork": "aws_networkmanager_global_network",
+ "aws::networkmanager::link": "aws_networkmanager_link",
+ "aws::networkmanager::linkassociation": "aws_networkmanager_link_association",
+ "aws::networkmanager::site": "aws_networkmanager_site",
+ "aws::networkmanager::sitetositevpnattachment": "aws_networkmanager_site_to_site_vpn_attachment",
+ "aws::networkmanager::transitgatewaypeering": "aws_networkmanager_transit_gateway_peering",
+ "aws::networkmanager::transitgatewayregistration": "aws_networkmanager_transit_gateway_registration",
+ "aws::networkmanager::transitgatewayroutetableattachment": "aws_networkmanager_transit_gateway_route_table_attachment", //nolint:lll
+ "aws::networkmanager::vpcattachment": "aws_networkmanager_vpc_attachment",
+ "aws::nimblestudio::launchprofile": none,
+ "aws::nimblestudio::streamingimage": none,
+ "aws::nimblestudio::studio": none,
+ "aws::nimblestudio::studiocomponent": none,
+ "aws::notifications::channelassociation": none,
+ "aws::notifications::eventrule": none,
+ "aws::notifications::managednotificationaccountcontactassociation": none,
+ "aws::notifications::managednotificationadditionalchannelassociation": none,
+ "aws::notifications::notificationconfiguration": none,
+ "aws::notifications::notificationhub": none,
+ "aws::notificationscontacts::emailcontact": none,
+ "aws::oam::link": none,
+ "aws::oam::sink": none,
+ "aws::omics::annotationstore": none,
+ "aws::omics::referencestore": none,
+ "aws::omics::rungroup": none,
+ "aws::omics::sequencestore": none,
+ "aws::omics::variantstore": none,
+ "aws::omics::workflow": none,
+ "aws::opensearchserverless::accesspolicy": "aws_opensearchserverless_access_policy",
+ "aws::opensearchserverless::collection": "aws_opensearchserverless_collection",
+ "aws::opensearchserverless::index": none,
+ "aws::opensearchserverless::lifecyclepolicy": "aws_opensearchserverless_lifecycle_policy",
+ "aws::opensearchserverless::securityconfig": "aws_opensearchserverless_security_config",
+ "aws::opensearchserverless::securitypolicy": "aws_opensearchserverless_security_policy",
+ "aws::opensearchserverless::vpcendpoint": "aws_opensearchserverless_vpc_endpoint",
+ "aws::opensearchservice::application": none,
+ "aws::opensearchservice::domain": "aws_opensearch_domain",
+ "aws::opsworks::app": "aws_opensearch_domain",
+ "aws::opsworks::elasticloadbalancerattachment": none,
+ "aws::opsworks::instance": none,
+ "aws::opsworks::layer": none,
+ "aws::opsworks::stack": "aws_opsworks_stack",
+ "aws::opsworks::userprofile": none,
+ "aws::opsworks::volume": none,
+ "aws::opsworkscm::server": none,
+ "aws::organizations::account": "aws_organizations_account",
+ "aws::organizations::organization": "aws_organizations_organization",
+ "aws::organizations::organizationalunit": "aws_organizations_organizational_unit",
+ "aws::organizations::policy": "aws_organizations_policy",
+ "aws::organizations::resourcepolicy": "aws_organizations_resource_policy",
+ "aws::osis::pipeline": "aws_osis_pipeline",
+ "aws::panorama::applicationinstance": none,
+ "aws::panorama::package": none,
+ "aws::panorama::packageversion": none,
+ "aws::paymentcryptography::alias": "aws_paymentcryptography_key_alias",
+ "aws::paymentcryptography::key": "aws_paymentcryptography_key",
+ "aws::pcaconnectorad::connector": none,
+ "aws::pcaconnectorad::directoryregistration": none,
+ "aws::pcaconnectorad::serviceprincipalname": none,
+ "aws::pcaconnectorad::template": none,
+ "aws::pcaconnectorad::templategroupaccesscontrolentry": none,
+ "aws::pcaconnectorscep::challenge": none,
+ "aws::pcaconnectorscep::connector": none,
+ "aws::pcs::cluster": none,
+ "aws::pcs::computenodegroup": none,
+ "aws::pcs::queue": none,
+ "aws::personalize::dataset": none,
+ "aws::personalize::datasetgroup": none,
+ "aws::personalize::schema": none,
+ "aws::personalize::solution": none,
+ "aws::pinpoint::admchannel": "aws_pinpoint_adm_channel",
+ "aws::pinpoint::apnschannel": "aws_pinpoint_apns_channel",
+ "aws::pinpoint::apnssandboxchannel": none,
+ "aws::pinpoint::apnsvoipchannel": "aws_pinpoint_apns_voip_channel",
+ "aws::pinpoint::apnsvoipsandboxchannel": "aws_pinpoint_apns_voip_sandbox_channel",
+ "aws::pinpoint::app": "aws_pinpoint_app",
+ "aws::pinpoint::applicationsettings": none,
+ "aws::pinpoint::baiduchannel": "aws_pinpoint_baidu_channel",
+ "aws::pinpoint::campaign": none,
+ "aws::pinpoint::emailchannel": "aws_pinpoint_email_channel",
+ "aws::pinpoint::emailtemplate": none,
+ "aws::pinpoint::eventstream": "aws_pinpoint_event_stream",
+ "aws::pinpoint::gcmchannel": "aws_pinpoint_gcm_channel",
+ "aws::pinpoint::inapptemplate": none,
+ "aws::pinpoint::pushtemplate": none,
+ "aws::pinpoint::segment": none,
+ "aws::pinpoint::smschannel": none,
+ "aws::pinpoint::smstemplate": "aws_pinpoint_sms_channel",
+ "aws::pinpoint::voicechannel": none,
+ "aws::pinpointemail::configurationset": none,
+ "aws::pinpointemail::configurationseteventdestination": none,
+ "aws::pinpointemail::dedicatedippool": none,
+ "aws::pinpointemail::identity": none,
+ "aws::pipes::pipe": "aws_pipes_pipe",
+ "aws::proton::environmentaccountconnection": none,
+ "aws::proton::environmenttemplate": none,
+ "aws::proton::servicetemplate": none,
+ "aws::qbusiness::application": none,
+ "aws::qbusiness::dataaccessor": none,
+ "aws::qbusiness::datasource": none,
+ "aws::qbusiness::index": none,
+ "aws::qbusiness::permission": none,
+ "aws::qbusiness::plugin": none,
+ "aws::qbusiness::retriever": none,
+ "aws::qbusiness::webexperience": none,
+ "aws::qldb::ledger": "aws_qldb_ledger",
+ "aws::qldb::stream": "aws_qldb_stream",
+ "aws::quicksight::analysis": "aws_quicksight_analysis",
+ "aws::quicksight::custompermissions": none,
+ "aws::quicksight::dashboard": "aws_quicksight_dashboard",
+ "aws::quicksight::dataset": "aws_quicksight_data_set",
+ "aws::quicksight::datasource": "aws_quicksight_data_source",
+ "aws::quicksight::folder": "aws_quicksight_folder",
+ "aws::quicksight::refreshschedule": "aws_quicksight_refresh_schedule",
+ "aws::quicksight::template": "aws_quicksight_template",
+ "aws::quicksight::theme": "aws_quicksight_theme",
+ "aws::quicksight::topic": none,
+ "aws::quicksight::vpcconnection": none,
+ "aws::ram::permission": none,
+ "aws::ram::resourceshare": "aws_ram_resource_share",
+ "aws::rbin::rule": none,
+ "aws::rds::customdbengineversion": none,
+ "aws::rds::dbcluster": "aws_rds_cluster",
+ "aws::rds::dbclusterparametergroup": "aws_rds_cluster_parameter_group",
+ "aws::rds::dbinstance": "aws_db_instance",
+ "aws::rds::dbparametergroup": "aws_db_parameter_group",
+ "aws::rds::dbproxy": "aws_db_proxy",
+ "aws::rds::dbproxyendpoint": "aws_db_proxy_endpoint",
+ "aws::rds::dbproxytargetgroup": "aws_db_proxy_default_target_group",
+ "aws::rds::dbsecuritygroup": none,
+ "aws::rds::dbsecuritygroupingress": none,
+ "aws::rds::dbshardgroup": none,
+ "aws::rds::dbsubnetgroup": "aws_db_subnet_group",
+ "aws::rds::eventsubscription": none,
+ "aws::rds::globalcluster": "aws_rds_global_cluster",
+ "aws::rds::integration": "aws_rds_integration",
+ "aws::rds::optiongroup": "aws_db_option_group",
+ "aws::redshift::cluster": "aws_redshift_cluster",
+ "aws::redshift::clusterparametergroup": none,
+ "aws::redshift::clustersecuritygroup": none,
+ "aws::redshift::clustersecuritygroupingress": none,
+ "aws::redshift::clustersubnetgroup": none,
+ "aws::redshift::endpointaccess": "aws_redshift_endpoint_access",
+ "aws::redshift::endpointauthorization": "aws_redshift_endpoint_authorization",
+ "aws::redshift::eventsubscription": "aws_redshift_event_subscription",
+ "aws::redshift::integration": none,
+ "aws::redshift::scheduledaction": "aws_redshift_scheduled_action",
+ "aws::redshiftserverless::namespace": "aws_redshiftserverless_namespace",
+ "aws::redshiftserverless::workgroup": "aws_redshiftserverless_workgroup",
+ "aws::refactorspaces::application": none,
+ "aws::refactorspaces::environment": none,
+ "aws::refactorspaces::route": none,
+ "aws::refactorspaces::service": none,
+ "aws::rekognition::collection": "aws_rekognition_collection",
+ "aws::rekognition::project": "aws_rekognition_project",
+ "aws::rekognition::streamprocessor": "aws_rekognition_stream_processor",
+ "aws::resiliencehub::app": none,
+ "aws::resiliencehub::resiliencypolicy": none,
+ "aws::resourceexplorer2::defaultviewassociation": none,
+ "aws::resourceexplorer2::index": "aws_resourceexplorer2_index",
+ "aws::resourceexplorer2::view": "aws_resourceexplorer2_view",
+ "aws::resourcegroups::group": "aws_resourcegroups_group",
+ "aws::resourcegroups::tagsynctask": none,
+ "aws::robomaker::fleet": none,
+ "aws::robomaker::robot": none,
+ "aws::robomaker::robotapplication": none,
+ "aws::robomaker::robotapplicationversion": none,
+ "aws::robomaker::simulationapplication": none,
+ "aws::robomaker::simulationapplicationversion": none,
+ "aws::rolesanywhere::crl": none,
+ "aws::rolesanywhere::profile": "aws_rolesanywhere_profile",
+ "aws::rolesanywhere::trustanchor": "aws_rolesanywhere_trust_anchor",
+ "aws::route53::cidrcollection": "aws_route53_cidr_collection",
+ "aws::route53::dnssec": "aws_route53_hosted_zone_dnssec",
+ "aws::route53::healthcheck": "aws_route53_health_check",
+ "aws::route53::hostedzone": "aws_route53_zone",
+ "aws::route53::keysigningkey": "aws_route53_key_signing_key",
+ "aws::route53::recordset": "aws_route53_record",
+ "aws::route53::recordsetgroup": none,
+ "aws::route53profiles::profile": none,
+ "aws::route53profiles::profileassociation": none,
+ "aws::route53profiles::profileresourceassociation": none,
+ "aws::route53recoverycontrol::cluster": "aws_route53recoverycontrolconfig_cluster",
+ "aws::route53recoverycontrol::controlpanel": "aws_route53recoverycontrolconfig_control_panel",
+ "aws::route53recoverycontrol::routingcontrol": "aws_route53recoverycontrolconfig_routing_control", //nolint:lll
+ "aws::route53recoverycontrol::safetyrule": "aws_route53recoverycontrolconfig_safety_rule",
+ "aws::route53recoveryreadiness::cell": "aws_route53recoveryreadiness_cell",
+ "aws::route53recoveryreadiness::readinesscheck": "aws_route53recoveryreadiness_readiness_check",
+ "aws::route53recoveryreadiness::recoverygroup": "aws_route53recoveryreadiness_recovery_group",
+ "aws::route53recoveryreadiness::resourceset": "aws_route53recoveryreadiness_resource_set",
+ "aws::route53resolver::firewalldomainlist": none,
+ "aws::route53resolver::firewallrulegroup": none,
+ "aws::route53resolver::firewallrulegroupassociation": none,
+ "aws::route53resolver::outpostresolver": none,
+ "aws::route53resolver::resolverconfig": "aws_route53_resolver_config",
+ "aws::route53resolver::resolverdnssecconfig": none,
+ "aws::route53resolver::resolverendpoint": "aws_route53_resolver_endpoint",
+ "aws::route53resolver::resolverqueryloggingconfig": "aws_route53_resolver_query_log_config",
+ "aws::route53resolver::resolverqueryloggingconfigassociation": "aws_route53_resolver_query_log_config_association",
+ "aws::route53resolver::resolverrule": "aws_route53_resolver_rule",
+ "aws::route53resolver::resolverruleassociation": "aws_route53_resolver_rule_association",
+ "aws::rum::appmonitor": "aws_rum_app_monitor",
+ "aws::s3::accessgrant": "aws_s3control_access_grant",
+ "aws::s3::accessgrantsinstance": "aws_s3control_access_grants_instance",
+ "aws::s3::accessgrantslocation": "aws_s3control_access_grants_location",
+ "aws::s3::accesspoint": "aws_s3_access_point",
+ "aws::s3::bucket": "aws_s3_bucket",
+ "aws::s3::bucketpolicy": "aws_s3_bucket_policy",
+ "aws::s3::multiregionaccesspoint": "aws_s3control_multi_region_access_point",
+ "aws::s3::multiregionaccesspointpolicy": "aws_s3control_multi_region_access_point_policy",
+ "aws::s3::storagelens": none,
+ "aws::s3::storagelensgroup": none,
+ "aws::s3express::bucketpolicy": none,
+ "aws::s3express::directorybucket": none,
+ "aws::s3objectlambda::accesspoint": none,
+ "aws::s3objectlambda::accesspointpolicy": none,
+ "aws::s3outposts::accesspoint": none,
+ "aws::s3outposts::bucket": none,
+ "aws::s3outposts::bucketpolicy": none,
+ "aws::s3outposts::endpoint": "aws_s3outposts_endpoint",
+ "aws::s3tables::tablebucket": "aws_s3tables_table_bucket",
+ "aws::s3tables::tablebucketpolicy": "aws_s3tables_table_bucket_policy",
+ "aws::sagemaker::app": "aws_sagemaker_app",
+ "aws::sagemaker::appimageconfig": "aws_sagemaker_app_image_config",
+ "aws::sagemaker::cluster": none,
+ "aws::sagemaker::coderepository": "aws_sagemaker_code_repository",
+ "aws::sagemaker::dataqualityjobdefinition": "aws_sagemaker_data_quality_job_definition",
+ "aws::sagemaker::device": "aws_sagemaker_device",
+ "aws::sagemaker::devicefleet": "aws_sagemaker_device_fleet",
+ "aws::sagemaker::domain": "aws_sagemaker_domain",
+ "aws::sagemaker::endpoint": "aws_sagemaker_endpoint",
+ "aws::sagemaker::endpointconfig": "aws_sagemaker_endpoint_configuration",
+ "aws::sagemaker::featuregroup": "aws_sagemaker_feature_group",
+ "aws::sagemaker::image": "aws_sagemaker_image",
+ "aws::sagemaker::imageversion": "aws_sagemaker_image_version",
+ "aws::sagemaker::inferencecomponent": none,
+ "aws::sagemaker::inferenceexperiment": none,
+ "aws::sagemaker::mlflowtrackingserver": none,
+ "aws::sagemaker::model": "aws_sagemaker_model",
+ "aws::sagemaker::modelbiasjobdefinition": none,
+ "aws::sagemaker::modelcard": none,
+ "aws::sagemaker::modelexplainabilityjobdefinition": none,
+ "aws::sagemaker::modelpackage": none,
+ "aws::sagemaker::modelpackagegroup": "aws_sagemaker_model_package_group",
+ "aws::sagemaker::modelqualityjobdefinition": none,
+ "aws::sagemaker::monitoringschedule": "aws_sagemaker_monitoring_schedule",
+ "aws::sagemaker::notebookinstance": "aws_sagemaker_notebook_instance",
+ "aws::sagemaker::notebookinstancelifecycleconfig": "aws_sagemaker_notebook_instance_lifecycle_configuration",
+ "aws::sagemaker::partnerapp": none,
+ "aws::sagemaker::pipeline": "aws_sagemaker_pipeline",
+ "aws::sagemaker::project": "aws_sagemaker_project",
+ "aws::sagemaker::space": none,
+ "aws::sagemaker::studiolifecycleconfig": none,
+ "aws::sagemaker::userprofile": "aws_sagemaker_user_profile",
+ "aws::sagemaker::workteam": "aws_sagemaker_workteam",
+ "aws::scheduler::schedule": "aws_scheduler_schedule",
+ "aws::scheduler::schedulegroup": "aws_scheduler_schedule_group",
+ "aws::sdb::domain": "aws_simpledb_domain",
+ "aws::secretsmanager::resourcepolicy": "aws_secretsmanager_secret_policy",
+ "aws::secretsmanager::rotationschedule": "aws_secretsmanager_secret_rotation",
+ "aws::secretsmanager::secret": "aws_secrets_manager_secret",
+ "aws::secretsmanager::secrettargetattachment": none,
+ "aws::securityhub::automationrule": "aws_securityhub_automation_rule",
+ "aws::securityhub::configurationpolicy": "aws_securityhub_configuration_policy",
+ "aws::securityhub::delegatedadmin": none,
+ "aws::securityhub::findingaggregator": "aws_securityhub_finding_aggregator",
+ "aws::securityhub::hub": none,
+ "aws::securityhub::insight": "aws_securityhub_insight",
+ "aws::securityhub::organizationconfiguration": "aws_securityhub_organization_configuration",
+ "aws::securityhub::policyassociation": none,
+ "aws::securityhub::productsubscription": "aws_securityhub_product_subscription",
+ "aws::securityhub::securitycontrol": none,
+ "aws::securityhub::standard": "aws_securityhub_standards_control",
+ "aws::securitylake::awslogsource": "aws_securitylake_aws_log_source",
+ "aws::securitylake::datalake": "aws_securitylake_data_lake",
+ "aws::securitylake::subscriber": "aws_securitylake_subscriber",
+ "aws::securitylake::subscribernotification": "aws_securitylake_subscriber_notification",
+ "aws::servicecatalog::acceptedportfolioshare": none,
+ "aws::servicecatalog::cloudformationproduct": none,
+ "aws::servicecatalog::cloudformationprovisionedproduct": none,
+ "aws::servicecatalog::launchnotificationconstraint": none,
+ "aws::servicecatalog::launchroleconstraint": none,
+ "aws::servicecatalog::launchtemplateconstraint": none,
+ "aws::servicecatalog::portfolio": "aws_service_catalog_portfolio",
+ "aws::servicecatalog::portfolioprincipalassociation": none,
+ "aws::servicecatalog::portfolioproductassociation": "aws_service_catalog_product_portfolio_association",
+ "aws::servicecatalog::portfolioshare": "aws_service_catalog_portfolio_share",
+ "aws::servicecatalog::resourceupdateconstraint": none,
+ "aws::servicecatalog::serviceaction": "aws_servicecatalog_service_action",
+ "aws::servicecatalog::serviceactionassociation": none,
+ "aws::servicecatalog::stacksetconstraint": none,
+ "aws::servicecatalog::tagoption": "aws_service_catalog_tag_option",
+ "aws::servicecatalog::tagoptionassociation": "aws_service_catalog_tag_option_association",
+ "aws::servicecatalogappregistry::application": "aws_servicecatalogappregistry_application",
+ "aws::servicecatalogappregistry::attributegroup": none,
+ "aws::servicecatalogappregistry::attributegroupassociation": none,
+ "aws::servicecatalogappregistry::resourceassociation": none,
+ "aws::servicediscovery::httpnamespace": "aws_service_discovery_http_namespace",
+ "aws::servicediscovery::instance": "aws_service_discovery_instance",
+ "aws::servicediscovery::privatednsnamespace": "aws_service_discovery_private_dns_namespace",
+ "aws::servicediscovery::publicdnsnamespace": "aws_service_discovery_public_dns_namespace",
+ "aws::servicediscovery::service": "aws_service_discovery_service",
+ "aws::ses::configurationset": "aws_ses_configuration_set",
+ "aws::ses::configurationseteventdestination": none,
+ "aws::ses::contactlist": none,
+ "aws::ses::dedicatedippool": none,
+ "aws::ses::emailidentity": none,
+ "aws::ses::mailmanageraddoninstance": none,
+ "aws::ses::mailmanageraddonsubscription": none,
+ "aws::ses::mailmanagerarchive": none,
+ "aws::ses::mailmanageringresspoint": none,
+ "aws::ses::mailmanagerrelay": none,
+ "aws::ses::mailmanagerruleset": none,
+ "aws::ses::mailmanagertrafficpolicy": none,
+ "aws::ses::receiptfilter": "aws_ses_receipt_filter",
+ "aws::ses::receiptrule": "aws_ses_receipt_rule",
+ "aws::ses::receiptruleset": none,
+ "aws::ses::template": "aws_ses_template",
+ "aws::ses::vdmattributes": none,
+ "aws::shield::drtaccess": none,
+ "aws::shield::proactiveengagement": "aws_shield_proactive_engagement",
+ "aws::shield::protection": "aws_shield_protection",
+ "aws::shield::protectiongroup": "aws_shield_protection_group",
+ "aws::signer::profilepermission": none,
+ "aws::signer::signingprofile": none,
+ "aws::simspaceweaver::simulation": none,
+ "aws::sns::subscription": "aws_sns_subscription",
+ "aws::sns::topic": "aws_sns_topic",
+ "aws::sns::topicinlinepolicy": none,
+ "aws::sns::topicpolicy": "aws_sns_topic_policy",
+ "aws::sqs::queue": "aws_sqs_queue",
+ "aws::sqs::queueinlinepolicy": none,
+ "aws::sqs::queuepolicy": "aws_sqs_queue_policy",
+ "aws::ssm::association": "aws_ssm_association",
+ "aws::ssm::document": "aws_ssm_document",
+ "aws::ssm::maintenancewindow": "aws_ssm_maintenance_window",
+ "aws::ssm::maintenancewindowtarget": "aws_ssm_maintenance_window_target",
+ "aws::ssm::maintenancewindowtask": "aws_ssm_maintenance_window_task",
+ "aws::ssm::parameter": "aws_ssm_parameter",
+ "aws::ssm::patchbaseline": "aws_ssm_patch_baseline",
+ "aws::ssm::resourcedatasync": "aws_ssm_resource_data_sync",
+ "aws::ssm::resourcepolicy": none,
+ "aws::ssmcontacts::contact": "aws_ssmcontacts_contact",
+ "aws::ssmcontacts::contactchannel": "aws_ssmcontacts_contact_channel",
+ "aws::ssmcontacts::plan": "aws_ssmcontacts_plan",
+ "aws::ssmcontacts::rotation": "aws_ssmcontacts_rotation",
+ "aws::ssmincidents::replicationset": "aws_ssmincidents_replication_set",
+ "aws::ssmincidents::responseplan": "aws_ssmincidents_response_plan",
+ "aws::ssmquicksetup::configurationmanager": none,
+ "aws::sso::application": "aws_ssoadmin_application",
+ "aws::sso::applicationassignment": "aws_ssoadmin_application_assignment",
+ "aws::sso::assignment": none,
+ "aws::sso::instance": none,
+ "aws::sso::instanceaccesscontrolattributeconfiguration": none,
+ "aws::sso::permissionset": "aws_ssoadmin_permission_set",
+ "aws::stepfunctions::activity": "aws_sfn_activity",
+ "aws::stepfunctions::statemachine": "aws_sfn_state_machine",
+ "aws::stepfunctions::statemachinealias": "aws_sfn_alias",
+ "aws::stepfunctions::statemachineversion": none,
+ "aws::supportapp::accountalias": none,
+ "aws::supportapp::slackchannelconfiguration": none,
+ "aws::supportapp::slackworkspaceconfiguration": none,
+ "aws::synthetics::canary": "aws_synthetics_canary",
+ "aws::synthetics::group": "aws_synthetics_group",
+ "aws::systemsmanagersap::application": none,
+ "aws::timestream::database": "aws_timestreamwrite_database",
+ "aws::timestream::influxdbinstance": "aws_timestreaminfluxdb_db_instance",
+ "aws::timestream::scheduledquery": none,
+ "aws::timestream::table": "aws_timestreamwrite_table",
+ "aws::transfer::agreement": "aws_transfer_agreement",
+ "aws::transfer::certificate": "aws_transfer_certificate",
+ "aws::transfer::connector": "aws_transfer_connector",
+ "aws::transfer::profile": "aws_transfer_profile",
+ "aws::transfer::server": "aws_transfer_server",
+ "aws::transfer::user": "aws_transfer_user",
+ "aws::transfer::webapp": none,
+ "aws::transfer::workflow": "aws_transfer_workflow",
+ "aws::verifiedpermissions::identitysource": "aws_verifiedpermissions_identity_source",
+ "aws::verifiedpermissions::policy": "aws_verifiedpermissions_policy",
+ "aws::verifiedpermissions::policystore": "aws_verifiedpermissions_policy_store",
+ "aws::verifiedpermissions::policytemplate": "aws_verifiedpermissions_policy_template",
+ "aws::voiceid::domain": none,
+ "aws::vpclattice::accesslogsubscription": "aws_vpclattice_access_log_subscription",
+ "aws::vpclattice::authpolicy": "aws_vpclattice_auth_policy",
+ "aws::vpclattice::listener": "aws_vpclattice_listener",
+ "aws::vpclattice::resourceconfiguration": none,
+ "aws::vpclattice::resourcegateway": "aws_vpclattice_resource_gateway",
+ "aws::vpclattice::resourcepolicy": "aws_vpclattice_resource_policy",
+ "aws::vpclattice::rule": "aws_vpclattice_listener_rule",
+ "aws::vpclattice::service": "aws_vpclattice_service",
+ "aws::vpclattice::servicenetwork": "aws_vpclattice_service_network",
+ "aws::vpclattice::servicenetworkresourceassociation": none,
+ "aws::vpclattice::servicenetworkserviceassociation": "aws_vpclattice_service_network_service_association", //nolint:lll
+ "aws::vpclattice::servicenetworkvpcassociation": "aws_vpclattice_service_network_vpc_association",
+ "aws::vpclattice::targetgroup": "aws_vpclattice_target_group",
+ "aws::waf::bytematchset": "aws_waf_byte_match_set",
+ "aws::waf::ipset": "aws_waf_ipset",
+ "aws::waf::rule": "aws_waf_rule",
+ "aws::waf::sizeconstraintset": "aws_waf_size_constraint_set",
+ "aws::waf::sqlinjectionmatchset": "aws_waf_sql_injection_match_set",
+ "aws::waf::webacl": "aws_waf_web_acl",
+ "aws::waf::xssmatchset": "aws_waf_xss_match_set",
+ "aws::wafregional::bytematchset": "aws_wafregional_byte_match_set",
+ "aws::wafregional::geomatchset": "aws_wafregional_geo_match_set",
+ "aws::wafregional::ipset": "aws_wafregional_ipset",
+ "aws::wafregional::ratebasedrule": "aws_wafregional_rate_based_rule",
+ "aws::wafregional::regexpatternset": "aws_wafregional_regex_match_set",
+ "aws::wafregional::rule": "aws_wafregional_rule",
+ "aws::wafregional::sizeconstraintset": "aws_wafregional_size_constraint_set",
+ "aws::wafregional::sqlinjectionmatchset": "aws_wafregional_sql_injection_match_set",
+ "aws::wafregional::webacl": "aws_wafregional_web_acl",
+ "aws::wafregional::webaclassociation": "aws_wafregional_web_acl_association",
+ "aws::wafregional::xssmatchset": "aws_wafregional_xss_match_set",
+ "aws::wafv2::ipset": "aws_wafv2_ip_set",
+ "aws::wafv2::loggingconfiguration": none,
+ "aws::wafv2::regexpatternset": "aws_wafv2_regex_pattern_set",
+ "aws::wafv2::rulegroup": "aws_wafv2_rule_group",
+ "aws::wafv2::webacl": "aws_wafv2_web_acl",
+ "aws::wafv2::webaclassociation": "aws_wafv2_webacl_association",
+ "aws::wisdom::aiagent": none,
+ "aws::wisdom::aiagentversion": none,
+ "aws::wisdom::aiguardrail": none,
+ "aws::wisdom::aiguardrailversion": none,
+ "aws::wisdom::aiprompt": none,
+ "aws::wisdom::aipromptversion": none,
+ "aws::wisdom::assistant": none,
+ "aws::wisdom::assistantassociation": none,
+ "aws::wisdom::knowledgebase": none,
+ "aws::wisdom::messagetemplate": none,
+ "aws::wisdom::messagetemplateversion": none,
+ "aws::workspaces::connectionalias": "aws_workspaces_connection_alias",
+ "aws::workspaces::workspace": "aws_workspaces_workspace",
+ "aws::workspaces::workspacespool": none,
+ "aws::workspacesthinclient::environment": none,
+ "aws::workspacesweb::browsersettings": none,
+ "aws::workspacesweb::dataprotectionsettings": none,
+ "aws::workspacesweb::identityprovider": none,
+ "aws::workspacesweb::ipaccesssettings": none,
+ "aws::workspacesweb::networksettings": none,
+ "aws::workspacesweb::portal": none,
+ "aws::workspacesweb::truststore": none,
+ "aws::workspacesweb::useraccessloggingsettings": none,
+ "aws::workspacesweb::usersettings": none,
+ "aws::xray::group": "aws_xray_group",
+ "aws::xray::resourcepolicy": none,
+ "aws::xray::samplingrule": "aws_xray_sampling_rule",
+ "aws::xray::transactionsearchconfig": none,
+ "aws::cloudfront::connectiongroup": none,
+ "aws::cloudfront::distributiontenant": none,
+ "aws::dsql::cluster": none,
+ "aws::ec2::routeserver": none,
+ "aws::ec2::routeserverassociation": none,
+ "aws::ec2::routeserverendpoint": none,
+ "aws::ec2::routeserverpeer": none,
+ "aws::ec2::routeserverpropagation": none,
+ "aws::ecr::registryscanningconfiguration": "aws_ecr_registry_scanning_configuration",
+ "aws::iotsitewise::dataset": none,
+
+ // add more
+ "microsoft.aad/domainservices": "azurerm_active_directory_domain_service",
+ "microsoft.analysisservices/servers": "azurerm_analysis_services_server",
+ "microsoft.apimanagement/service": "azurerm_api_management",
+ "microsoft.app/containerapps": "azurerm_container_app",
+ "microsoft.app/managedenvironments": "azurerm_container_app_environment",
+ "microsoft.authorization/roleassignments": "azurerm_role_assignment",
+ "microsoft.authorization/roledefinitions": "azurerm_role_definition",
+ "microsoft.cognitiveservices/accounts": "azurerm_cognitive_account",
+ "microsoft.compute/availabilitysets": "azurerm_availability_set",
+ "microsoft.compute/disks": "azurerm_managed_disk",
+ "microsoft.compute/virtualmachines": "azurerm_virtual_machine",
+ "microsoft.compute/virtualmachines/extensions": "azurerm_virtual_machine_extension",
+ "microsoft.compute/virtualmachinescalesets": "azurerm_linux_virtual_machine_scale_set",
+ "microsoft.containerregistry/registries": "azurerm_container_registry",
+ "microsoft.containerservice/managedclusters": "azurerm_kubernetes_cluster",
+ "microsoft.documentdb/databaseaccounts": "azurerm_cosmosdb_account",
+ "microsoft.insights/activitylogalerts": "azurerm_monitor_activity_log_alert",
+ "microsoft.keyvault/vaults": "azurerm_key_vault",
+ "microsoft.managedidentity/userassignedidentities": "azurerm_user_assigned_identity",
+ "microsoft.network/applicationgateways": "azurerm_application_gateway",
+ "microsoft.network/applicationgateways/authenticationcertificates": "azurerm_application_gateway",
+ "microsoft.network/applicationgateways/backendaddresspools": "azurerm_network_interface_application_gateway_backend_address_pool_association", //nolint:lll
+ "microsoft.network/applicationgateways/backendhttpsettingscollection": "azurerm_application_gateway",
+ "microsoft.network/applicationgateways/frontendipconfigurations": "azurerm_application_gateway",
+ "microsoft.network/applicationgateways/frontendports": "azurerm_application_gateway",
+ "microsoft.network/applicationgateways/httplisteners": "azurerm_application_gateway",
+ "microsoft.network/applicationgateways/sslcertificates": "azurerm_application_gateway",
+ "microsoft.network/applicationgatewaywebapplicationfirewallpolicies": "azurerm_web_application_firewall_policy",
+ "microsoft.network/bastionhosts": "azurerm_bastion_host",
+ "microsoft.network/networkinterfaces": "azurerm_network_interface",
+ "microsoft.network/networksecuritygroups": "azurerm_network_security_group",
+ "microsoft.network/networksecuritygroups/securityrules": "azurerm_network_security_rule",
+ "microsoft.network/privatednszones": "azurerm_private_dns_zone",
+ "microsoft.network/privateendpoints": "azurerm_private_endpoint",
+ "microsoft.network/privateendpoints/privatednszonegroups": "azurerm_private_endpoint",
+ "microsoft.network/publicipaddresses": "azurerm_public_ip",
+ "microsoft.network/virtualnetworks": "azurerm_virtual_network",
+ "microsoft.network/virtualnetworks/subnets": "azurerm_subnet",
+ "microsoft.operationalinsights/workspaces": "azurerm_log_analytics_workspace",
+ "microsoft.operationsmanagement/solutions": "azurerm_log_analytics_solution",
+ "microsoft.resources/deployments": "azurerm_template_deployment",
+ "microsoft.servicebus/namespaces": "azurerm_servicebus_namespace",
+ "microsoft.servicebus/namespaces/authorizationRules": "azurerm_servicebus_namespace_authorization_rule", //nolint:lll
+ "microsoft.servicebus/namespaces/queues": "azurerm_servicebus_queue",
+ "microsoft.storage/storageaccounts": "azurerm_storage_account",
+}