diff --git a/.docs.version b/.docs.version index 9b57ed0aea..b34c44261b 100644 --- a/.docs.version +++ b/.docs.version @@ -1 +1 @@ -910039c6da5fb0bce7349479a19966b561d06d9e +1dbf23a497c156c0725ee1ec98560fe9087bde4e diff --git a/aws-cloudformation-schema/aws-athena-datacatalog.json b/aws-cloudformation-schema/aws-athena-datacatalog.json index dad1c265e6..b11b8c1f32 100644 --- a/aws-cloudformation-schema/aws-athena-datacatalog.json +++ b/aws-cloudformation-schema/aws-athena-datacatalog.json @@ -83,5 +83,12 @@ "primaryIdentifier" : [ "/properties/Name" ], "createOnlyProperties" : [ "/properties/Name" ], "additionalProperties" : false, - "taggable" : true + "tagging" : { + "taggable" : true, + "tagOnCreate" : true, + "tagUpdatable" : true, + "cloudFormationSystemTags" : true, + "tagProperty" : "/properties/Tags", + "permissions" : [ "athena:UntagResource", "athena:TagResource", "athena:ListTagsForResource" ] + } } \ No newline at end of file diff --git a/aws-cloudformation-schema/aws-b2bi-partnership.json b/aws-cloudformation-schema/aws-b2bi-partnership.json index 9ce0fbff52..c35612a488 100644 --- a/aws-cloudformation-schema/aws-b2bi-partnership.json +++ b/aws-cloudformation-schema/aws-b2bi-partnership.json @@ -81,13 +81,13 @@ "type" : "string", "maxLength" : 15, "minLength" : 2, - "pattern" : "^[a-zA-Z0-9]*$" + "pattern" : "^[a-zA-Z0-9 ]*$" }, "ApplicationReceiverCode" : { "type" : "string", "maxLength" : 15, "minLength" : 2, - "pattern" : "^[a-zA-Z0-9]*$" + "pattern" : "^[a-zA-Z0-9 ]*$" }, "ResponsibleAgencyCode" : { "type" : "string", @@ -111,7 +111,7 @@ "type" : "string", "maxLength" : 15, "minLength" : 15, - "pattern" : "^[a-zA-Z0-9]*$" + "pattern" : "^[a-zA-Z0-9 ]*$" }, "ReceiverIdQualifier" : { "type" : "string", @@ -123,7 +123,7 @@ "type" : "string", "maxLength" : 15, "minLength" : 15, - "pattern" : "^[a-zA-Z0-9]*$" + "pattern" : "^[a-zA-Z0-9 ]*$" }, "RepetitionSeparator" : { "type" : "string", diff --git a/aws-cloudformation-schema/aws-bedrock-prompt.json b/aws-cloudformation-schema/aws-bedrock-prompt.json index d4cd89e26c..f9f41dbae0 100644 --- a/aws-cloudformation-schema/aws-bedrock-prompt.json +++ b/aws-cloudformation-schema/aws-bedrock-prompt.json @@ -34,6 +34,9 @@ }, "GenAiResource" : { "$ref" : "#/definitions/PromptGenAiResource" + }, + "AdditionalModelRequestFields" : { + "$ref" : "#/definitions/AdditionalModelRequestFields" } }, "required" : [ "Name", "TemplateType", "TemplateConfiguration" ], @@ -61,6 +64,9 @@ "minItems" : 0, "description" : "List of input variables", "insertionOrder" : true + }, + "CachePoint" : { + "$ref" : "#/definitions/CachePointBlock" } }, "required" : [ ], @@ -175,6 +181,16 @@ }, "required" : [ "Text" ], "additionalProperties" : false + }, { + "title" : "CachePoint", + "type" : "object", + "properties" : { + "CachePoint" : { + "$ref" : "#/definitions/CachePointBlock" + } + }, + "required" : [ "CachePoint" ], + "additionalProperties" : false } ] }, "SystemContentBlock" : { @@ -191,6 +207,16 @@ }, "required" : [ "Text" ], "additionalProperties" : false + }, { + "title" : "CachePoint", + "type" : "object", + "properties" : { + "CachePoint" : { + "$ref" : "#/definitions/CachePointBlock" + } + }, + "required" : [ "CachePoint" ], + "additionalProperties" : false } ] }, "Message" : { @@ -262,6 +288,16 @@ }, "required" : [ "ToolSpec" ], "additionalProperties" : false + }, { + "title" : "CachePoint", + "type" : "object", + "properties" : { + "CachePoint" : { + "$ref" : "#/definitions/CachePointBlock" + } + }, + "required" : [ "CachePoint" ], + "additionalProperties" : false } ] }, "AutoToolChoice" : { @@ -445,6 +481,26 @@ "required" : [ "Agent" ], "additionalProperties" : false } ] + }, + "CachePointBlock" : { + "description" : "CachePointBlock", + "type" : "object", + "properties" : { + "Type" : { + "$ref" : "#/definitions/CachePointType" + } + }, + "required" : [ "Type" ], + "additionalProperties" : false + }, + "CachePointType" : { + "description" : "CachePoint types for CachePointBlock", + "type" : "string", + "enum" : [ "default" ] + }, + "AdditionalModelRequestFields" : { + "type" : "object", + "description" : "Contains model-specific configurations" } }, "properties" : { diff --git a/aws-cloudformation-schema/aws-bedrock-promptversion.json b/aws-cloudformation-schema/aws-bedrock-promptversion.json index a1b1f424f9..004f871fc4 100644 --- a/aws-cloudformation-schema/aws-bedrock-promptversion.json +++ b/aws-cloudformation-schema/aws-bedrock-promptversion.json @@ -35,6 +35,9 @@ }, "GenAiResource" : { "$ref" : "#/definitions/PromptGenAiResource" + }, + "AdditionalModelRequestFields" : { + "$ref" : "#/definitions/AdditionalModelRequestFields" } }, "required" : [ "Name", "TemplateType", "TemplateConfiguration" ], @@ -59,6 +62,9 @@ "minItems" : 0, "description" : "List of input variables", "insertionOrder" : true + }, + "CachePoint" : { + "$ref" : "#/definitions/CachePointBlock" } }, "required" : [ "Text" ], @@ -146,6 +152,16 @@ }, "required" : [ "Text" ], "additionalProperties" : false + }, { + "title" : "CachePoint", + "type" : "object", + "properties" : { + "CachePoint" : { + "$ref" : "#/definitions/CachePointBlock" + } + }, + "required" : [ "CachePoint" ], + "additionalProperties" : false } ] }, "SystemContentBlock" : { @@ -162,6 +178,16 @@ }, "required" : [ "Text" ], "additionalProperties" : false + }, { + "title" : "CachePoint", + "type" : "object", + "properties" : { + "CachePoint" : { + "$ref" : "#/definitions/CachePointBlock" + } + }, + "required" : [ "CachePoint" ], + "additionalProperties" : false } ] }, "Message" : { @@ -233,6 +259,16 @@ }, "required" : [ "ToolSpec" ], "additionalProperties" : false + }, { + "title" : "CachePoint", + "type" : "object", + "properties" : { + "CachePoint" : { + "$ref" : "#/definitions/CachePointBlock" + } + }, + "required" : [ "CachePoint" ], + "additionalProperties" : false } ] }, "AutoToolChoice" : { @@ -416,6 +452,26 @@ "required" : [ "Agent" ], "additionalProperties" : false } ] + }, + "CachePointBlock" : { + "description" : "CachePointBlock", + "type" : "object", + "properties" : { + "Type" : { + "$ref" : "#/definitions/CachePointType" + } + }, + "required" : [ "Type" ], + "additionalProperties" : false + }, + "CachePointType" : { + "description" : "CachePoint types for CachePointBlock", + "type" : "string", + "enum" : [ "default" ] + }, + "AdditionalModelRequestFields" : { + "type" : "object", + "description" : "Contains model-specific configurations" } }, "properties" : { diff --git a/aws-cloudformation-schema/aws-cognito-userpooldomain.json b/aws-cloudformation-schema/aws-cognito-userpooldomain.json index 119755f842..f3dd169eed 100644 --- a/aws-cloudformation-schema/aws-cognito-userpooldomain.json +++ b/aws-cloudformation-schema/aws-cognito-userpooldomain.json @@ -1,40 +1,62 @@ { "typeName" : "AWS::Cognito::UserPoolDomain", "description" : "Resource Type definition for AWS::Cognito::UserPoolDomain", - "additionalProperties" : false, + "sourceUrl" : "https://github.com/aws-cloudformation/aws-cloudformation-rpdk.git", + "tagging" : { + "taggable" : false, + "tagOnCreate" : false, + "tagUpdatable" : false, + "cloudFormationSystemTags" : false + }, + "definitions" : { + "CustomDomainConfigType" : { + "type" : "object", + "properties" : { + "CertificateArn" : { + "type" : "string" + } + }, + "additionalProperties" : false + } + }, "properties" : { - "CloudFrontDistribution" : { - "type" : "string" - }, "UserPoolId" : { "type" : "string" }, - "Id" : { + "Domain" : { "type" : "string" }, - "Domain" : { + "CustomDomainConfig" : { + "$ref" : "#/definitions/CustomDomainConfigType" + }, + "CloudFrontDistribution" : { "type" : "string" }, "ManagedLoginVersion" : { "type" : "integer" - }, - "CustomDomainConfig" : { - "$ref" : "#/definitions/CustomDomainConfigType" - } - }, - "definitions" : { - "CustomDomainConfigType" : { - "type" : "object", - "additionalProperties" : false, - "properties" : { - "CertificateArn" : { - "type" : "string" - } - } } }, + "additionalProperties" : false, "required" : [ "UserPoolId", "Domain" ], + "readOnlyProperties" : [ "/properties/CloudFrontDistribution" ], + "primaryIdentifier" : [ "/properties/UserPoolId", "/properties/Domain" ], "createOnlyProperties" : [ "/properties/UserPoolId", "/properties/Domain" ], - "primaryIdentifier" : [ "/properties/Id" ], - "readOnlyProperties" : [ "/properties/Id", "/properties/CloudFrontDistribution" ] + "writeOnlyProperties" : [ "/properties/ManagedLoginVersion" ], + "handlers" : { + "create" : { + "permissions" : [ "cognito-idp:CreateUserPoolDomain", "cognito-idp:DescribeUserPoolDomain", "cloudfront:updateDistribution" ], + "timeoutInMinutes" : 20 + }, + "read" : { + "permissions" : [ "cognito-idp:DescribeUserPoolDomain" ] + }, + "update" : { + "permissions" : [ "cognito-idp:UpdateUserPoolDomain", "cognito-idp:DescribeUserPoolDomain", "cloudfront:updateDistribution" ], + "timeoutInMinutes" : 20 + }, + "delete" : { + "permissions" : [ "cognito-idp:DeleteUserPoolDomain", "cognito-idp:DescribeUserPoolDomain" ], + "timeoutInMinutes" : 25 + } + } } \ No newline at end of file diff --git a/aws-cloudformation-schema/aws-connect-contactflowversion.json b/aws-cloudformation-schema/aws-connect-contactflowversion.json new file mode 100644 index 0000000000..3eace8d134 --- /dev/null +++ b/aws-cloudformation-schema/aws-connect-contactflowversion.json @@ -0,0 +1,74 @@ +{ + "typeName" : "AWS::Connect::ContactFlowVersion", + "description" : "Resource Type Definition for ContactFlowVersion", + "sourceUrl" : "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-connect", + "definitions" : { }, + "properties" : { + "ContactFlowVersionARN" : { + "description" : "The identifier of the contact flow version (ARN).", + "type" : "string", + "pattern" : "^arn:aws[-a-z0-9]*:connect:[-a-z0-9]+:[0-9]{12}:instance/[-a-zA-Z0-9]+/contact-flow/[-a-zA-Z0-9]+:[0-9]+$", + "minLength" : 1, + "maxLength" : 500 + }, + "ContactFlowId" : { + "description" : "The ARN of the contact flow this version is tied to.", + "type" : "string", + "pattern" : "^arn:aws[-a-z0-9]*:connect:[-a-z0-9]+:[0-9]{12}:instance/[-a-zA-Z0-9]+/contact-flow/[-a-zA-Z0-9]+$", + "minLength" : 1, + "maxLength" : 500 + }, + "Version" : { + "description" : "The version number of this revision", + "type" : "integer" + }, + "Description" : { + "description" : "The description of the version.", + "type" : "string", + "maxLength" : 500 + }, + "FlowContentSha256" : { + "description" : "Indicates the checksum value of the latest published flow content", + "type" : "string", + "pattern" : "^[a-zA-Z0-9]{64}$", + "minLength" : 1, + "maxLength" : 64 + } + }, + "additionalProperties" : false, + "tagging" : { + "taggable" : false, + "tagOnCreate" : false, + "tagUpdatable" : false, + "cloudFormationSystemTags" : false + }, + "required" : [ "ContactFlowId" ], + "primaryIdentifier" : [ "/properties/ContactFlowVersionARN" ], + "readOnlyProperties" : [ "/properties/ContactFlowVersionARN", "/properties/Version", "/properties/FlowContentSha256" ], + "createOnlyProperties" : [ "/properties/ContactFlowId", "/properties/Description" ], + "handlers" : { + "create" : { + "permissions" : [ "connect:CreateContactFlowVersion", "connect:DescribeContactFlow" ] + }, + "read" : { + "permissions" : [ "connect:DescribeContactFlow" ] + }, + "delete" : { + "permissions" : [ "connect:DeleteContactFlowVersion" ] + }, + "list" : { + "handlerSchema" : { + "properties" : { + "ContactFlowId" : { + "$ref" : "resource-schema.json#/properties/ContactFlowId" + } + }, + "required" : [ "ContactFlowId" ] + }, + "permissions" : [ "connect:ListContactFlowVersions" ] + }, + "update" : { + "permissions" : [ "connect:DescribeContactFlow" ] + } + } +} \ No newline at end of file diff --git a/aws-cloudformation-schema/aws-datasync-locationsmb.json b/aws-cloudformation-schema/aws-datasync-locationsmb.json index ab65dd3906..b115bedd3f 100644 --- a/aws-cloudformation-schema/aws-datasync-locationsmb.json +++ b/aws-cloudformation-schema/aws-datasync-locationsmb.json @@ -108,6 +108,41 @@ "type" : "string", "pattern" : "^(efs|nfs|s3|smb|fsxw)://[a-zA-Z0-9./\\-]+$", "maxLength" : 4356 + }, + "AuthenticationType" : { + "description" : "The authentication mode used to determine identity of user.", + "type" : "string", + "enum" : [ "NTLM", "KERBEROS" ] + }, + "DnsIpAddresses" : { + "description" : "Specifies the IPv4 addresses for the DNS servers that your SMB file server belongs to. This parameter applies only if AuthenticationType is set to KERBEROS. If you have multiple domains in your environment, configuring this parameter makes sure that DataSync connects to the right SMB file server.", + "type" : "array", + "items" : { + "type" : "string", + "pattern" : "\\A(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)(\\.(25[0-5]|2[0-4]\\d|[0-1]?\\d?\\d)){3}\\z", + "minLength" : 7, + "maxLength" : 15 + }, + "insertionOrder" : true, + "default" : null, + "maxItems" : 2 + }, + "KerberosPrincipal" : { + "description" : "Specifies a service principal name (SPN), which is an identity in your Kerberos realm that has permission to access the files, folders, and file metadata in your SMB file server. SPNs are case sensitive and must include a prepended cifs/. For example, an SPN might look like cifs/kerberosuser@EXAMPLE.COM. Your task execution will fail if the SPN that you provide for this parameter doesn't match exactly what's in your keytab or krb5.conf files.", + "type" : "string", + "pattern" : "^.+$", + "minLength" : 1, + "maxLength" : 256 + }, + "KerberosKeytab" : { + "description" : "The Base64 string representation of the Keytab file. Specifies your Kerberos key table (keytab) file, which includes mappings between your service principal name (SPN) and encryption keys. To avoid task execution errors, make sure that the SPN in the keytab file matches exactly what you specify for KerberosPrincipal and in your krb5.conf file.", + "type" : "string", + "maxLength" : 87384 + }, + "KerberosKrb5Conf" : { + "description" : "The string representation of the Krb5Conf file, or the presigned URL to access the Krb5.conf file within an S3 bucket. Specifies a Kerberos configuration file (krb5.conf) that defines your Kerberos realm configuration. To avoid task execution errors, make sure that the service principal name (SPN) in the krb5.conf file matches exactly what you specify for KerberosPrincipal and in your keytab file.", + "type" : "string", + "maxLength" : 174764 } }, "tagging" : { @@ -119,11 +154,10 @@ "permissions" : [ "datasync:TagResource", "datasync:UntagResource", "datasync:ListTagsForResource" ] }, "additionalProperties" : false, - "required" : [ "User", "AgentArns" ], + "required" : [ "AgentArns" ], "readOnlyProperties" : [ "/properties/LocationArn", "/properties/LocationUri" ], "primaryIdentifier" : [ "/properties/LocationArn" ], - "writeOnlyProperties" : [ "/properties/Password", "/properties/Subdirectory", "/properties/ServerHostname" ], - "createOnlyProperties" : [ "/properties/ServerHostname" ], + "writeOnlyProperties" : [ "/properties/Password", "/properties/Subdirectory", "/properties/ServerHostname", "/properties/KerberosKeytab", "/properties/KerberosKrb5Conf" ], "handlers" : { "create" : { "permissions" : [ "datasync:CreateLocationSmb", "datasync:DescribeLocationSmb", "datasync:ListTagsForResource", "datasync:TagResource" ] diff --git a/aws-cloudformation-schema/aws-ec2-transitgateway.json b/aws-cloudformation-schema/aws-ec2-transitgateway.json index 4cc13e0494..90316b451d 100644 --- a/aws-cloudformation-schema/aws-ec2-transitgateway.json +++ b/aws-cloudformation-schema/aws-ec2-transitgateway.json @@ -81,23 +81,24 @@ "tagOnCreate" : true, "tagUpdatable" : true, "cloudFormationSystemTags" : true, - "tagProperty" : "/properties/Tags" + "tagProperty" : "/properties/Tags", + "permissions" : [ "ec2:CreateTags", "ec2:DeleteTags" ] }, "handlers" : { "create" : { - "permissions" : [ "ec2:CreateTransitGateway", "ec2:CreateTags", "ec2:DescribeTransitGateways", "ec2:DescribeTags", "ec2:DeleteTransitGateway", "ec2:DeleteTags", "ec2:ModifyTransitGateway", "ec2:ModifyTransitGatewayOptions" ] + "permissions" : [ "ec2:CreateTransitGateway", "ec2:CreateTags", "ec2:DescribeTransitGateways", "ec2:DescribeTags" ] }, "read" : { - "permissions" : [ "ec2:CreateTransitGateway", "ec2:CreateTags", "ec2:DescribeTransitGateways", "ec2:DescribeTags", "ec2:DeleteTransitGateway", "ec2:DeleteTags", "ec2:ModifyTransitGateway", "ec2:ModifyTransitGatewayOptions" ] + "permissions" : [ "ec2:DescribeTransitGateways", "ec2:DescribeTags" ] }, "delete" : { - "permissions" : [ "ec2:CreateTransitGateway", "ec2:CreateTags", "ec2:DescribeTransitGateways", "ec2:DescribeTags", "ec2:DeleteTransitGateway", "ec2:DeleteTags", "ec2:ModifyTransitGateway", "ec2:ModifyTransitGatewayOptions" ] + "permissions" : [ "ec2:DescribeTransitGateways", "ec2:DescribeTags", "ec2:DeleteTransitGateway", "ec2:DeleteTags" ] }, "update" : { "permissions" : [ "ec2:CreateTransitGateway", "ec2:CreateTags", "ec2:DescribeTransitGateways", "ec2:DescribeTags", "ec2:DeleteTransitGateway", "ec2:DeleteTags", "ec2:ModifyTransitGateway", "ec2:ModifyTransitGatewayOptions" ] }, "list" : { - "permissions" : [ "ec2:CreateTransitGateway", "ec2:CreateTags", "ec2:DescribeTransitGateways", "ec2:DescribeTags", "ec2:DeleteTransitGateway", "ec2:DeleteTags", "ec2:ModifyTransitGateway", "ec2:ModifyTransitGatewayOptions" ] + "permissions" : [ "ec2:DescribeTransitGateways", "ec2:DescribeTags" ] } } } \ No newline at end of file diff --git a/aws-cloudformation-schema/aws-ec2-transitgatewayattachment.json b/aws-cloudformation-schema/aws-ec2-transitgatewayattachment.json index 106fc95680..2f8cbe71b5 100644 --- a/aws-cloudformation-schema/aws-ec2-transitgatewayattachment.json +++ b/aws-cloudformation-schema/aws-ec2-transitgatewayattachment.json @@ -1,6 +1,7 @@ { "sourceUrl" : "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-transitgateway", "tagging" : { + "permissions" : [ "ec2:CreateTags", "ec2:DeleteTags" ], "taggable" : true, "tagOnCreate" : true, "tagUpdatable" : true, @@ -9,19 +10,19 @@ }, "handlers" : { "read" : { - "permissions" : [ "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:CreateTransitGatewayVpcAttachment", "ec2:DeleteTransitGatewayVpcAttachment", "ec2:CreateTags", "ec2:DeleteTags", "ec2:DescribeTags", "ec2:DescribeTransitGatewayAttachments", "ec2:ModifyTransitGatewayVpcAttachment" ] + "permissions" : [ "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTags" ] }, "create" : { - "permissions" : [ "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:CreateTransitGatewayVpcAttachment", "ec2:DeleteTransitGatewayVpcAttachment", "ec2:CreateTags", "ec2:DeleteTags", "ec2:DescribeTags", "ec2:DescribeTransitGatewayAttachments", "ec2:ModifyTransitGatewayVpcAttachment" ] + "permissions" : [ "ec2:DescribeTransitGatewayVpcAttachments", "ec2:CreateTransitGatewayVpcAttachment", "ec2:CreateTags", "ec2:DescribeTags" ] }, "update" : { - "permissions" : [ "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTags", "ec2:CreateTransitGatewayVpcAttachment", "ec2:CreateTags", "ec2:DeleteTransitGatewayVpcAttachment", "ec2:DeleteTags", "ec2:ModifyTransitGatewayVpcAttachment" ] + "permissions" : [ "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTags", "ec2:CreateTransitGatewayVpcAttachment", "ec2:CreateTags", "ec2:DeleteTransitGatewayVpcAttachment", "ec2:DeleteTags", "ec2:ModifyTransitGatewayVpcAttachment" ] }, "list" : { - "permissions" : [ "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTags", "ec2:CreateTransitGatewayVpcAttachment", "ec2:CreateTags", "ec2:DeleteTransitGatewayVpcAttachment", "ec2:DeleteTags", "ec2:ModifyTransitGatewayVpcAttachment" ] + "permissions" : [ "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTags" ] }, "delete" : { - "permissions" : [ "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:CreateTransitGatewayVpcAttachment", "ec2:DeleteTransitGatewayVpcAttachment", "ec2:CreateTags", "ec2:DeleteTags", "ec2:DescribeTags", "ec2:DescribeTransitGatewayAttachments", "ec2:ModifyTransitGatewayVpcAttachment" ] + "permissions" : [ "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DeleteTransitGatewayVpcAttachment", "ec2:DeleteTags", "ec2:DescribeTags" ] } }, "typeName" : "AWS::EC2::TransitGatewayAttachment", diff --git a/aws-cloudformation-schema/aws-ec2-transitgatewayconnect.json b/aws-cloudformation-schema/aws-ec2-transitgatewayconnect.json index a3b8fe9a33..6da19fcfaf 100644 --- a/aws-cloudformation-schema/aws-ec2-transitgatewayconnect.json +++ b/aws-cloudformation-schema/aws-ec2-transitgatewayconnect.json @@ -67,7 +67,8 @@ "tagOnCreate" : true, "tagUpdatable" : true, "cloudFormationSystemTags" : false, - "tagProperty" : "/properties/Tags" + "tagProperty" : "/properties/Tags", + "permissions" : [ "ec2:CreateTags", "ec2:DeleteTags" ] }, "additionalProperties" : false, "readOnlyProperties" : [ "/properties/TransitGatewayAttachmentId", "/properties/State", "/properties/CreationTime", "/properties/TransitGatewayId" ], diff --git a/aws-cloudformation-schema/aws-ec2-transitgatewaymulticastdomain.json b/aws-cloudformation-schema/aws-ec2-transitgatewaymulticastdomain.json index 696a80b10f..517bae3000 100644 --- a/aws-cloudformation-schema/aws-ec2-transitgatewaymulticastdomain.json +++ b/aws-cloudformation-schema/aws-ec2-transitgatewaymulticastdomain.json @@ -75,7 +75,8 @@ "tagOnCreate" : true, "tagUpdatable" : true, "cloudFormationSystemTags" : false, - "tagProperty" : "/properties/Tags" + "tagProperty" : "/properties/Tags", + "permissions" : [ "ec2:CreateTags", "ec2:DeleteTags" ] }, "readOnlyProperties" : [ "/properties/TransitGatewayMulticastDomainId", "/properties/State", "/properties/CreationTime", "/properties/TransitGatewayMulticastDomainArn" ], "primaryIdentifier" : [ "/properties/TransitGatewayMulticastDomainId" ], diff --git a/aws-cloudformation-schema/aws-ec2-transitgatewaypeeringattachment.json b/aws-cloudformation-schema/aws-ec2-transitgatewaypeeringattachment.json index 9e57430545..33fd05cef5 100644 --- a/aws-cloudformation-schema/aws-ec2-transitgatewaypeeringattachment.json +++ b/aws-cloudformation-schema/aws-ec2-transitgatewaypeeringattachment.json @@ -1,5 +1,6 @@ { "tagging" : { + "permissions" : [ "ec2:CreateTags", "ec2:DeleteTags" ], "taggable" : true, "tagOnCreate" : true, "tagUpdatable" : true, @@ -15,19 +16,19 @@ "sourceUrl" : "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-myservice", "handlers" : { "read" : { - "permissions" : [ "ec2:DescribeTransitGatewayPeeringAttachments" ] + "permissions" : [ "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:DescribeTags" ] }, "create" : { - "permissions" : [ "ec2:CreateTransitGatewayPeeringAttachment", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:CreateTags" ] + "permissions" : [ "ec2:CreateTransitGatewayPeeringAttachment", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:CreateTags", "ec2:DescribeTags" ] }, "update" : { - "permissions" : [ "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:CreateTags", "ec2:DeleteTags" ] + "permissions" : [ "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:CreateTags", "ec2:DeleteTags", "ec2:DescribeTags" ] }, "list" : { - "permissions" : [ "ec2:DescribeTransitGatewayPeeringAttachments" ] + "permissions" : [ "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:DescribeTags" ] }, "delete" : { - "permissions" : [ "ec2:DeleteTransitGatewayPeeringAttachment", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:DeleteTags" ] + "permissions" : [ "ec2:DeleteTransitGatewayPeeringAttachment", "ec2:DescribeTransitGatewayPeeringAttachments", "ec2:DeleteTags", "ec2:DescribeTags" ] } }, "additionalProperties" : false, diff --git a/aws-cloudformation-schema/aws-ec2-transitgatewayvpcattachment.json b/aws-cloudformation-schema/aws-ec2-transitgatewayvpcattachment.json index 9b71f0ef5b..ad045537ed 100644 --- a/aws-cloudformation-schema/aws-ec2-transitgatewayvpcattachment.json +++ b/aws-cloudformation-schema/aws-ec2-transitgatewayvpcattachment.json @@ -91,26 +91,27 @@ "tagOnCreate" : true, "tagUpdatable" : true, "cloudFormationSystemTags" : false, - "tagProperty" : "/properties/Tags" + "tagProperty" : "/properties/Tags", + "permissions" : [ "ec2:CreateTags", "ec2:DeleteTags" ] }, "readOnlyProperties" : [ "/properties/Id" ], "writeOnlyProperties" : [ "/properties/AddSubnetIds", "/properties/RemoveSubnetIds" ], "primaryIdentifier" : [ "/properties/Id" ], "handlers" : { "create" : { - "permissions" : [ "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:CreateTransitGatewayVpcAttachment", "ec2:DeleteTransitGatewayVpcAttachment", "ec2:CreateTags", "ec2:DeleteTags", "ec2:DescribeTags", "ec2:DescribeTransitGatewayAttachments", "ec2:ModifyTransitGatewayVpcAttachment" ] + "permissions" : [ "ec2:DescribeTransitGatewayVpcAttachments", "ec2:CreateTransitGatewayVpcAttachment", "ec2:CreateTags", "ec2:DescribeTags" ] }, "read" : { - "permissions" : [ "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:CreateTransitGatewayVpcAttachment", "ec2:DeleteTransitGatewayVpcAttachment", "ec2:CreateTags", "ec2:DeleteTags", "ec2:DescribeTags", "ec2:DescribeTransitGatewayAttachments", "ec2:ModifyTransitGatewayVpcAttachment" ] + "permissions" : [ "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTags" ] }, "delete" : { - "permissions" : [ "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:CreateTransitGatewayVpcAttachment", "ec2:DeleteTransitGatewayVpcAttachment", "ec2:CreateTags", "ec2:DeleteTags", "ec2:DescribeTags", "ec2:DescribeTransitGatewayAttachments", "ec2:ModifyTransitGatewayVpcAttachment" ] + "permissions" : [ "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DeleteTransitGatewayVpcAttachment", "ec2:DeleteTags", "ec2:DescribeTags" ] }, "list" : { - "permissions" : [ "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTags", "ec2:CreateTransitGatewayVpcAttachment", "ec2:CreateTags", "ec2:DeleteTransitGatewayVpcAttachment", "ec2:DeleteTags", "ec2:ModifyTransitGatewayVpcAttachment" ] + "permissions" : [ "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTags" ] }, "update" : { - "permissions" : [ "ec2:DescribeTransitGatewayAttachments", "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTags", "ec2:CreateTransitGatewayVpcAttachment", "ec2:CreateTags", "ec2:DeleteTransitGatewayVpcAttachment", "ec2:DeleteTags", "ec2:ModifyTransitGatewayVpcAttachment" ] + "permissions" : [ "ec2:DescribeTransitGatewayVpcAttachments", "ec2:DescribeTags", "ec2:CreateTransitGatewayVpcAttachment", "ec2:CreateTags", "ec2:DeleteTransitGatewayVpcAttachment", "ec2:DeleteTags", "ec2:ModifyTransitGatewayVpcAttachment" ] } } } \ No newline at end of file diff --git a/aws-cloudformation-schema/aws-ecs-cluster.json b/aws-cloudformation-schema/aws-ecs-cluster.json index 7c5473ea4d..4e25acf3d6 100644 --- a/aws-cloudformation-schema/aws-ecs-cluster.json +++ b/aws-cloudformation-schema/aws-ecs-cluster.json @@ -90,12 +90,12 @@ } }, "ClusterSettings" : { - "description" : "The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights for a cluster.", + "description" : "The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights with enhanced observability or CloudWatch Container Insights for a cluster.\n Container Insights with enhanced observability provides all the Container Insights metrics, plus additional task and container metrics. This version supports enhanced observability for Amazon ECS clusters using the Amazon EC2 and Fargate launch types. After you configure Container Insights with enhanced observability on Amazon ECS, Container Insights auto-collects detailed infrastructure telemetry from the cluster level down to the container level in your environment and displays these critical performance data in curated dashboards removing the heavy lifting in observability set-up. \n For more information, see [Monitor Amazon ECS containers using Container Insights with enhanced observability](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cloudwatch-container-insights.html) in the *Amazon Elastic Container Service Developer Guide*.", "additionalProperties" : false, "type" : "object", "properties" : { "Value" : { - "description" : "The value to set for the cluster setting. The supported values are ``enabled`` and ``disabled``. \n If you set ``name`` to ``containerInsights`` and ``value`` to ``enabled``, CloudWatch Container Insights will be on for the cluster, otherwise it will be off unless the ``containerInsights`` account setting is turned on. If a cluster value is specified, it will override the ``containerInsights`` value set with [PutAccountSetting](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSetting.html) or [PutAccountSettingDefault](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSettingDefault.html).", + "description" : "The value to set for the cluster setting. The supported values are ``enhanced``, ``enabled``, and ``disabled``. \n To use Container Insights with enhanced observability, set the ``containerInsights`` account setting to ``enhanced``.\n To use Container Insights, set the ``containerInsights`` account setting to ``enabled``.\n If a cluster value is specified, it will override the ``containerInsights`` value set with [PutAccountSetting](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSetting.html) or [PutAccountSettingDefault](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSettingDefault.html).", "type" : "string" }, "Name" : { @@ -186,7 +186,7 @@ }, "properties" : { "ClusterSettings" : { - "description" : "The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights for a cluster.", + "description" : "The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights with enhanced observability or CloudWatch Container Insights for a cluster.\n Container Insights with enhanced observability provides all the Container Insights metrics, plus additional task and container metrics. This version supports enhanced observability for Amazon ECS clusters using the Amazon EC2 and Fargate launch types. After you configure Container Insights with enhanced observability on Amazon ECS, Container Insights auto-collects detailed infrastructure telemetry from the cluster level down to the container level in your environment and displays these critical performance data in curated dashboards removing the heavy lifting in observability set-up. \n For more information, see [Monitor Amazon ECS containers using Container Insights with enhanced observability](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cloudwatch-container-insights.html) in the *Amazon Elastic Container Service Developer Guide*.", "type" : "array", "items" : { "$ref" : "#/definitions/ClusterSettings" diff --git a/aws-cloudformation-schema/aws-efs-mounttarget.json b/aws-cloudformation-schema/aws-efs-mounttarget.json index cf7f1b6d40..0a98bdb4e0 100644 --- a/aws-cloudformation-schema/aws-efs-mounttarget.json +++ b/aws-cloudformation-schema/aws-efs-mounttarget.json @@ -22,7 +22,7 @@ "items" : { "type" : "string" }, - "description" : "Up to five VPC security group IDs, of the form ``sg-xxxxxxxx``. These must be for the same VPC as subnet specified." + "description" : "VPC security group IDs, of the form ``sg-xxxxxxxx``. These must be for the same VPC as the subnet specified. The maximum number of security groups depends on account quota. For more information, see [Amazon VPC Quotas](https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html) in the *Amazon VPC User Guide* (see the *Security Groups* table)." }, "SubnetId" : { "type" : "string", diff --git a/aws-cloudformation-schema/aws-emr-studio.json b/aws-cloudformation-schema/aws-emr-studio.json index f39c1954c5..7671b02e15 100644 --- a/aws-cloudformation-schema/aws-emr-studio.json +++ b/aws-cloudformation-schema/aws-emr-studio.json @@ -160,10 +160,12 @@ "readOnlyProperties" : [ "/properties/StudioId", "/properties/Arn", "/properties/Url" ], "primaryIdentifier" : [ "/properties/StudioId" ], "tagging" : { - "taggable" : false, - "tagOnCreate" : false, - "tagUpdatable" : false, - "cloudFormationSystemTags" : false + "taggable" : true, + "tagOnCreate" : true, + "tagUpdatable" : true, + "cloudFormationSystemTags" : false, + "tagProperty" : "/properties/Tags", + "permissions" : [ "elasticmapreduce:AddTags", "elasticmapreduce:RemoveTags" ] }, "createOnlyProperties" : [ "/properties/AuthMode", "/properties/EngineSecurityGroupId", "/properties/ServiceRole", "/properties/UserRole", "/properties/VpcId", "/properties/WorkspaceSecurityGroupId", "/properties/TrustedIdentityPropagationEnabled", "/properties/IdcUserAssignment", "/properties/IdcInstanceArn", "/properties/EncryptionKeyArn" ], "handlers" : { diff --git a/aws-cloudformation-schema/aws-emrcontainers-virtualcluster.json b/aws-cloudformation-schema/aws-emrcontainers-virtualcluster.json index 8d64bca107..042529c13c 100644 --- a/aws-cloudformation-schema/aws-emrcontainers-virtualcluster.json +++ b/aws-cloudformation-schema/aws-emrcontainers-virtualcluster.json @@ -93,6 +93,13 @@ "items" : { "$ref" : "#/definitions/Tag" } + }, + "SecurityConfigurationId" : { + "description" : "The ID of the security configuration.", + "type" : "string", + "minLength" : 1, + "maxLength" : 64, + "pattern" : "[0-9a-z]+" } }, "additionalProperties" : false, diff --git a/aws-cloudformation-schema/aws-glue-crawler.json b/aws-cloudformation-schema/aws-glue-crawler.json index 0798209180..eb191d0160 100644 --- a/aws-cloudformation-schema/aws-glue-crawler.json +++ b/aws-cloudformation-schema/aws-glue-crawler.json @@ -157,6 +157,37 @@ } } }, + "HudiTarget" : { + "type" : "object", + "description" : "Specifies Apache Hudi data store targets.", + "additionalProperties" : false, + "properties" : { + "ConnectionName" : { + "type" : "string", + "description" : "The name of the connection to use to connect to the Hudi target." + }, + "Paths" : { + "type" : "array", + "description" : "One or more Amazon S3 paths that contains Hudi metadata folders as s3://bucket/prefix .", + "uniqueItems" : false, + "items" : { + "type" : "string" + } + }, + "Exclusions" : { + "type" : "array", + "description" : "A list of global patterns used to exclude from the crawl.", + "uniqueItems" : false, + "items" : { + "type" : "string" + } + }, + "MaximumTraversalDepth" : { + "type" : "integer", + "description" : "The maximum depth of Amazon S3 paths that the crawler can traverse to discover the Hudi metadata folder in your Amazon S3 path. Used to limit the crawler run time." + } + } + }, "Schedule" : { "type" : "object", "description" : "A scheduling object using a cron statement to schedule an event.", @@ -313,6 +344,14 @@ "items" : { "$ref" : "#/definitions/IcebergTarget" } + }, + "HudiTargets" : { + "type" : "array", + "description" : "Specifies Apache Hudi data store targets.", + "uniqueItems" : false, + "items" : { + "$ref" : "#/definitions/HudiTarget" + } } } }, @@ -364,7 +403,8 @@ "tagOnCreate" : true, "tagUpdatable" : true, "cloudFormationSystemTags" : false, - "tagProperty" : "/properties/Tags" + "tagProperty" : "/properties/Tags", + "permissions" : [ "glue:TagResource", "glue:UntagResource" ] }, "required" : [ "Role", "Targets" ], "createOnlyProperties" : [ "/properties/Name" ], diff --git a/aws-cloudformation-schema/aws-groundstation-dataflowendpointgroup.json b/aws-cloudformation-schema/aws-groundstation-dataflowendpointgroup.json index 9dbab4a67d..6692850d26 100644 --- a/aws-cloudformation-schema/aws-groundstation-dataflowendpointgroup.json +++ b/aws-cloudformation-schema/aws-groundstation-dataflowendpointgroup.json @@ -212,6 +212,7 @@ }, "required" : [ "EndpointDetails" ], "readOnlyProperties" : [ "/properties/Id", "/properties/Arn" ], + "createOnlyProperties" : [ "/properties/EndpointDetails", "/properties/ContactPrePassDurationSeconds", "/properties/ContactPostPassDurationSeconds" ], "primaryIdentifier" : [ "/properties/Id" ], "tagging" : { "taggable" : true, diff --git a/aws-cloudformation-schema/aws-groundstation-missionprofile.json b/aws-cloudformation-schema/aws-groundstation-missionprofile.json index 84c776d5ff..eed7a8aa6e 100644 --- a/aws-cloudformation-schema/aws-groundstation-missionprofile.json +++ b/aws-cloudformation-schema/aws-groundstation-missionprofile.json @@ -40,12 +40,18 @@ "KmsAliasArn" : { "type" : "string", "pattern" : "^(arn:(aws[a-zA-Z-]*)?:[a-z0-9-.]+:.*)|()$" + }, + "KmsAliasName" : { + "type" : "string", + "pattern" : "^alias/[a-zA-Z0-9:/_-]+$" } }, "oneOf" : [ { "required" : [ "KmsKeyArn" ] }, { "required" : [ "KmsAliasArn" ] + }, { + "required" : [ "KmsAliasName" ] } ], "additionalProperties" : false } diff --git a/aws-cloudformation-schema/aws-iotsitewise-dashboard.json b/aws-cloudformation-schema/aws-iotsitewise-dashboard.json index efa9e75d00..6392b3c31f 100644 --- a/aws-cloudformation-schema/aws-iotsitewise-dashboard.json +++ b/aws-cloudformation-schema/aws-iotsitewise-dashboard.json @@ -81,7 +81,7 @@ "permissions" : [ "iotsitewise:DescribeDashboard", "iotsitewise:DeleteDashboard" ] }, "list" : { - "permissions" : [ "iotsitewise:ListDashboards", "iotsitewise:ListTagsForResource" ] + "permissions" : [ "iotsitewise:ListDashboards", "iotsitewise:ListPortals", "iotsitewise:ListProjects", "iotsitewise:ListTagsForResource" ] } } } \ No newline at end of file diff --git a/aws-cloudformation-schema/aws-iotsitewise-gateway.json b/aws-cloudformation-schema/aws-iotsitewise-gateway.json index 88012be02a..89a29f88cb 100644 --- a/aws-cloudformation-schema/aws-iotsitewise-gateway.json +++ b/aws-cloudformation-schema/aws-iotsitewise-gateway.json @@ -75,8 +75,6 @@ }, "GatewayPlatform" : { "oneOf" : [ { - "required" : [ "Greengrass" ] - }, { "required" : [ "GreengrassV2" ] }, { "required" : [ "SiemensIE" ] diff --git a/aws-cloudformation-schema/aws-iotsitewise-project.json b/aws-cloudformation-schema/aws-iotsitewise-project.json index b1a305517a..0a77991bde 100644 --- a/aws-cloudformation-schema/aws-iotsitewise-project.json +++ b/aws-cloudformation-schema/aws-iotsitewise-project.json @@ -88,7 +88,7 @@ "permissions" : [ "iotsitewise:DescribeProject", "iotsitewise:DeleteProject" ] }, "list" : { - "permissions" : [ "iotsitewise:ListProjects", "iotsitewise:ListTagsForResource" ] + "permissions" : [ "iotsitewise:ListPortals", "iotsitewise:ListProjects", "iotsitewise:ListTagsForResource" ] } } } \ No newline at end of file diff --git a/aws-cloudformation-schema/aws-ivs-playbackkeypair.json b/aws-cloudformation-schema/aws-ivs-playbackkeypair.json index 8feb4b243c..cd15fb573d 100644 --- a/aws-cloudformation-schema/aws-ivs-playbackkeypair.json +++ b/aws-cloudformation-schema/aws-ivs-playbackkeypair.json @@ -14,7 +14,7 @@ }, "Value" : { "type" : "string", - "minLength" : 1, + "minLength" : 0, "maxLength" : 256 } }, diff --git a/aws-cloudformation-schema/aws-ivs-publickey.json b/aws-cloudformation-schema/aws-ivs-publickey.json index 9411d472a4..bd6ee912f9 100644 --- a/aws-cloudformation-schema/aws-ivs-publickey.json +++ b/aws-cloudformation-schema/aws-ivs-publickey.json @@ -13,7 +13,7 @@ }, "Value" : { "type" : "string", - "minLength" : 1, + "minLength" : 0, "maxLength" : 256 } }, diff --git a/aws-cloudformation-schema/aws-ivschat-loggingconfiguration.json b/aws-cloudformation-schema/aws-ivschat-loggingconfiguration.json index 80677fd16d..bf848f886c 100644 --- a/aws-cloudformation-schema/aws-ivschat-loggingconfiguration.json +++ b/aws-cloudformation-schema/aws-ivschat-loggingconfiguration.json @@ -132,7 +132,8 @@ "tagOnCreate" : true, "tagUpdatable" : true, "cloudFormationSystemTags" : false, - "tagProperty" : "/properties/Tags" + "tagProperty" : "/properties/Tags", + "permissions" : [ "ivschat:TagResource", "ivschat:UntagResource", "ivschat:ListTagsForResource" ] }, "required" : [ "DestinationConfiguration" ], "readOnlyProperties" : [ "/properties/Arn", "/properties/Id", "/properties/State" ], diff --git a/aws-cloudformation-schema/aws-neptune-dbcluster.json b/aws-cloudformation-schema/aws-neptune-dbcluster.json index e8563b5d89..81273b61c1 100644 --- a/aws-cloudformation-schema/aws-neptune-dbcluster.json +++ b/aws-cloudformation-schema/aws-neptune-dbcluster.json @@ -227,7 +227,8 @@ "tagOnCreate" : true, "tagUpdatable" : true, "cloudFormationSystemTags" : true, - "tagProperty" : "/properties/Tags" + "tagProperty" : "/properties/Tags", + "permissions" : [ "rds:AddTagsToResource", "rds:ListTagsForResource", "rds:RemoveTagsFromResource" ] }, "handlers" : { "create" : { diff --git a/aws-cloudformation-schema/aws-s3-accessgrantsinstance.json b/aws-cloudformation-schema/aws-s3-accessgrantsinstance.json index 51bec0fbe0..935cad39ab 100644 --- a/aws-cloudformation-schema/aws-s3-accessgrantsinstance.json +++ b/aws-cloudformation-schema/aws-s3-accessgrantsinstance.json @@ -52,7 +52,6 @@ "required" : [ ], "readOnlyProperties" : [ "/properties/AccessGrantsInstanceArn", "/properties/AccessGrantsInstanceId" ], "createOnlyProperties" : [ "/properties/Tags" ], - "writeOnlyProperties" : [ "/properties/Tags" ], "primaryIdentifier" : [ "/properties/AccessGrantsInstanceArn" ], "tagging" : { "taggable" : true, diff --git a/aws-cloudformation-schema/aws-sagemaker-mlflowtrackingserver.json b/aws-cloudformation-schema/aws-sagemaker-mlflowtrackingserver.json index 9cc5fd15bf..3e6a3e267e 100644 --- a/aws-cloudformation-schema/aws-sagemaker-mlflowtrackingserver.json +++ b/aws-cloudformation-schema/aws-sagemaker-mlflowtrackingserver.json @@ -100,7 +100,7 @@ "handlers" : { "create" : { "permissions" : [ "sagemaker:CreateMlflowTrackingServer", "sagemaker:DescribeMlflowTrackingServer", "sagemaker:AddTags", "sagemaker:ListTags", "iam:PassRole" ], - "timeoutInMinutes" : 65 + "timeoutInMinutes" : 95 }, "read" : { "permissions" : [ "sagemaker:DescribeMlflowTrackingServer", "sagemaker:ListTags" ] @@ -111,7 +111,7 @@ }, "delete" : { "permissions" : [ "sagemaker:DeleteMlflowTrackingServer", "sagemaker:DescribeMlflowTrackingServer" ], - "timeoutInMinutes" : 65 + "timeoutInMinutes" : 95 }, "list" : { "permissions" : [ "sagemaker:ListMlflowTrackingServers" ] diff --git a/aws-cloudformation-schema/aws-transfer-webapp.json b/aws-cloudformation-schema/aws-transfer-webapp.json new file mode 100644 index 0000000000..fcc821f713 --- /dev/null +++ b/aws-cloudformation-schema/aws-transfer-webapp.json @@ -0,0 +1,161 @@ +{ + "typeName" : "AWS::Transfer::WebApp", + "description" : "Resource Type definition for AWS::Transfer::WebApp", + "definitions" : { + "IdentityProviderDetails" : { + "type" : "object", + "description" : "You can provide a structure that contains the details for the identity provider to use with your web app.", + "properties" : { + "ApplicationArn" : { + "type" : "string", + "maxLength" : 1224, + "minLength" : 10, + "pattern" : "^arn:[\\w-]+:sso::\\d{12}:application/(sso)?ins-[a-zA-Z0-9-.]{16}/apl-[a-zA-Z0-9]{16}$" + }, + "InstanceArn" : { + "type" : "string", + "description" : "The Amazon Resource Name (ARN) for the IAM Identity Center used for the web app.", + "maxLength" : 1224, + "minLength" : 10, + "pattern" : "^arn:[\\w-]+:sso:::instance/(sso)?ins-[a-zA-Z0-9-.]{16}$" + }, + "Role" : { + "type" : "string", + "description" : "The IAM role in IAM Identity Center used for the web app.", + "maxLength" : 2048, + "minLength" : 20, + "pattern" : "^arn:[a-z-]+:iam::[0-9]{12}:role[:/]\\S+$" + } + }, + "additionalProperties" : false + }, + "Tag" : { + "type" : "object", + "description" : "Key-value pair that can be used to group and search for web apps.", + "properties" : { + "Key" : { + "type" : "string", + "maxLength" : 128, + "minLength" : 0 + }, + "Value" : { + "type" : "string", + "maxLength" : 256, + "minLength" : 0 + } + }, + "required" : [ "Key", "Value" ], + "additionalProperties" : false + }, + "WebAppCustomization" : { + "type" : "object", + "properties" : { + "Title" : { + "description" : "Specifies a title to display on the web app.", + "type" : "string", + "maxLength" : 100, + "minLength" : 0 + }, + "LogoFile" : { + "description" : "Specifies a logo to display on the web app.", + "type" : "string", + "minLength" : 1, + "maxLength" : 51200 + }, + "FaviconFile" : { + "description" : "Specifies a favicon to display in the browser tab.", + "type" : "string", + "minLength" : 1, + "maxLength" : 20960 + } + }, + "additionalProperties" : false + }, + "WebAppUnits" : { + "oneOf" : [ { + "type" : "object", + "description" : "A union that contains the value for number of concurrent connections or the user sessions on your web app.", + "title" : "Provisioned", + "properties" : { + "Provisioned" : { + "type" : "integer", + "minimum" : 1 + } + }, + "required" : [ "Provisioned" ], + "additionalProperties" : false + } ] + } + }, + "properties" : { + "Arn" : { + "description" : "Specifies the unique Amazon Resource Name (ARN) for the web app.", + "type" : "string", + "pattern" : "arn:.*", + "minLength" : 20, + "maxLength" : 1600 + }, + "WebAppId" : { + "description" : "A unique identifier for the web app.", + "type" : "string", + "pattern" : "^webapp-([0-9a-f]{17})$", + "minLength" : 24, + "maxLength" : 24 + }, + "IdentityProviderDetails" : { + "$ref" : "#/definitions/IdentityProviderDetails" + }, + "AccessEndpoint" : { + "description" : "The AccessEndpoint is the URL that you provide to your users for them to interact with the Transfer Family web app. You can specify a custom URL or use the default value.", + "type" : "string", + "minLength" : 1, + "maxLength" : 1024 + }, + "WebAppUnits" : { + "$ref" : "#/definitions/WebAppUnits" + }, + "WebAppCustomization" : { + "$ref" : "#/definitions/WebAppCustomization" + }, + "Tags" : { + "type" : "array", + "description" : "Key-value pairs that can be used to group and search for web apps.", + "maxItems" : 50, + "insertionOrder" : false, + "items" : { + "$ref" : "#/definitions/Tag" + } + } + }, + "additionalProperties" : false, + "required" : [ "IdentityProviderDetails" ], + "readOnlyProperties" : [ "/properties/Arn", "/properties/WebAppId", "/properties/IdentityProviderDetails/ApplicationArn" ], + "createOnlyProperties" : [ "/properties/IdentityProviderDetails/InstanceArn" ], + "primaryIdentifier" : [ "/properties/Arn" ], + "additionalIdentifiers" : [ [ "/properties/WebAppId" ] ], + "tagging" : { + "taggable" : true, + "tagOnCreate" : true, + "tagUpdatable" : true, + "cloudFormationSystemTags" : true, + "tagProperty" : "/properties/Tags", + "permissions" : [ "transfer:TagResource", "transfer:UnTagResource", "transfer:ListTagsForResource" ] + }, + "handlers" : { + "create" : { + "permissions" : [ "transfer:CreateWebApp", "transfer:DescribeWebApp", "transfer:DescribeWebAppCustomization", "transfer:TagResource", "transfer:UpdateWebAppCustomization", "iam:PassRole", "sso:CreateApplication", "sso:DescribeApplication", "sso:ListApplications", "sso:PutApplicationGrant", "sso:GetApplicationGrant", "sso:ListApplicationGrants", "sso:PutApplicationAuthenticationMethod", "sso:GetApplicationAuthenticationMethod", "sso:ListApplicationAuthenticationMethods", "sso:PutApplicationAccessScope", "sso:GetApplicationAccessScope", "sso:ListApplicationAccessScopes" ] + }, + "read" : { + "permissions" : [ "transfer:DescribeWebApp", "transfer:DescribeWebAppCustomization" ] + }, + "update" : { + "permissions" : [ "transfer:DescribeWebApp", "transfer:DescribeWebAppCustomization", "transfer:UpdateWebApp", "transfer:UpdateWebAppCustomization", "transfer:DeleteWebAppCustomization", "transfer:UnTagResource", "transfer:TagResource", "iam:PassRole", "sso:PutApplicationGrant", "sso:GetApplicationGrant", "sso:ListApplicationGrants", "sso:UpdateApplication", "sso:DescribeApplication", "sso:ListApplications" ] + }, + "delete" : { + "permissions" : [ "transfer:DeleteWebApp", "sso:DescribeApplication", "sso:DeleteApplication" ] + }, + "list" : { + "permissions" : [ "transfer:ListWebApps" ] + } + } +} \ No newline at end of file diff --git a/aws-cloudformation-schema/aws-workspacesthinclient-environment.json b/aws-cloudformation-schema/aws-workspacesthinclient-environment.json index 74c02db850..30e0379810 100644 --- a/aws-cloudformation-schema/aws-workspacesthinclient-environment.json +++ b/aws-cloudformation-schema/aws-workspacesthinclient-environment.json @@ -221,7 +221,7 @@ "permissions" : [ "thinclient:GetEnvironment", "thinclient:ListTagsForResource", "kms:Decrypt" ] }, "update" : { - "permissions" : [ "appstream:DescribeStacks", "workspaces:DescribeWorkspaceDirectories", "workspaces-web:GetPortal", "workspaces-web:GetUserSettings", "thinclient:UpdateEnvironment", "thinclient:ListTagsForResource", "thinclient:TagResource", "thinclient:UntagResource", "kms:Decrypt", "kms:GenerateDataKey" ] + "permissions" : [ "appstream:DescribeStacks", "workspaces:DescribeWorkspaceDirectories", "workspaces-web:GetPortal", "workspaces-web:GetUserSettings", "thinclient:UpdateEnvironment", "thinclient:TagResource", "thinclient:UntagResource", "kms:Decrypt", "kms:GenerateDataKey" ] }, "delete" : { "permissions" : [ "thinclient:DeleteEnvironment", "thinclient:UntagResource", "kms:Decrypt", "kms:RetireGrant" ] diff --git a/meta/.botocore.version b/meta/.botocore.version index 4a9a4646be..73effa5793 100644 --- a/meta/.botocore.version +++ b/meta/.botocore.version @@ -1 +1 @@ -1.36.15 +1.36.18 diff --git a/provider/cmd/pulumi-gen-aws-native/deprecated-types.txt b/provider/cmd/pulumi-gen-aws-native/deprecated-types.txt index 7446619eb1..4c06290fe2 100644 --- a/provider/cmd/pulumi-gen-aws-native/deprecated-types.txt +++ b/provider/cmd/pulumi-gen-aws-native/deprecated-types.txt @@ -1,4 +1,3 @@ -AWS::Cognito::UserPoolDomain AWS::GameCast::Application AWS::GameCast::StreamGroup AWS::NimbleStudio::LaunchProfile diff --git a/provider/cmd/pulumi-gen-aws-native/supported-types.txt b/provider/cmd/pulumi-gen-aws-native/supported-types.txt index 5e06231895..fb64482a65 100644 --- a/provider/cmd/pulumi-gen-aws-native/supported-types.txt +++ b/provider/cmd/pulumi-gen-aws-native/supported-types.txt @@ -228,6 +228,7 @@ AWS::Connect::AgentStatus AWS::Connect::ApprovedOrigin AWS::Connect::ContactFlow AWS::Connect::ContactFlowModule +AWS::Connect::ContactFlowVersion AWS::Connect::EmailAddress AWS::Connect::EvaluationForm AWS::Connect::HoursOfOperation @@ -1074,6 +1075,7 @@ AWS::Transfer::Connector AWS::Transfer::Profile AWS::Transfer::Server AWS::Transfer::User +AWS::Transfer::WebApp AWS::Transfer::Workflow AWS::VerifiedPermissions::IdentitySource AWS::VerifiedPermissions::Policy diff --git a/provider/cmd/pulumi-resource-aws-native/metadata.json b/provider/cmd/pulumi-resource-aws-native/metadata.json index b079807f62..87ec2a8e40 100644 --- a/provider/cmd/pulumi-resource-aws-native/metadata.json +++ b/provider/cmd/pulumi-resource-aws-native/metadata.json @@ -12789,7 +12789,7 @@ }, "agentAliasStatus": { "$ref": "#/types/aws-native:bedrock:AgentAliasStatus", - "description": "The status of the alias of the agent and whether it is ready for use. The following statuses are possible:\n\n- CREATING – The agent alias is being created.\n- PREPARED – The agent alias is finished being created or updated and is ready to be invoked.\n- FAILED – The agent alias API operation failed.\n- UPDATING – The agent alias is being updated.\n- DELETING – The agent alias is being deleted." + "description": "The status of the alias of the agent and whether it is ready for use. The following statuses are possible:\n\n- CREATING – The agent alias is being created.\n- PREPARED – The agent alias is finished being created or updated and is ready to be invoked.\n- FAILED – The agent alias API operation failed.\n- UPDATING – The agent alias is being updated.\n- DELETING – The agent alias is being deleted.\n- DISSOCIATED - The agent alias has no version associated with it." }, "agentId": { "type": "string", @@ -21917,10 +21917,6 @@ } }, "outputs": { - "awsId": { - "type": "string", - "description": "The resource ID." - }, "cloudFrontDistribution": { "type": "string", "description": "The Amazon CloudFront endpoint that you use as the target of the alias that you set up with your Domain Name Service (DNS) provider." @@ -21953,14 +21949,14 @@ "userPoolId" ], "readOnly": [ - "cloudFrontDistribution", - "id" + "cloudFrontDistribution" + ], + "writeOnly": [ + "managedLoginVersion" ], - "irreversibleNames": { - "awsId": "Id" - }, "primaryIdentifier": [ - "id" + "userPoolId", + "domain" ] }, "aws-native:cognito:UserPoolGroup": { @@ -23586,6 +23582,62 @@ "contactFlowModuleArn" ] }, + "aws-native:connect:ContactFlowVersion": { + "cf": "AWS::Connect::ContactFlowVersion", + "inputs": { + "contactFlowId": { + "type": "string", + "description": "The ARN of the contact flow this version is tied to." + }, + "description": { + "type": "string", + "description": "The description of the version." + } + }, + "outputs": { + "contactFlowId": { + "type": "string", + "description": "The ARN of the contact flow this version is tied to.", + "replaceOnChanges": true + }, + "contactFlowVersionArn": { + "type": "string", + "description": "The identifier of the contact flow version (ARN)." + }, + "description": { + "type": "string", + "description": "The description of the version.", + "replaceOnChanges": true + }, + "flowContentSha256": { + "type": "string", + "description": "Indicates the checksum value of the latest published flow content" + }, + "version": { + "type": "integer", + "description": "The version number of this revision" + } + }, + "required": [ + "contactFlowId" + ], + "createOnly": [ + "contactFlowId", + "description" + ], + "readOnly": [ + "contactFlowVersionArn", + "flowContentSha256", + "version" + ], + "irreversibleNames": { + "contactFlowVersionArn": "ContactFlowVersionARN", + "flowContentSha256": "FlowContentSha256" + }, + "primaryIdentifier": [ + "contactFlowVersionArn" + ] + }, "aws-native:connect:EmailAddress": { "cf": "AWS::Connect::EmailAddress", "inputs": { @@ -28730,10 +28782,33 @@ }, "description": "The Amazon Resource Names (ARNs) of agents to use for a Simple Message Block (SMB) location." }, + "authenticationType": { + "$ref": "#/types/aws-native:datasync:LocationSmbAuthenticationType", + "description": "The authentication mode used to determine identity of user." + }, + "dnsIpAddresses": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Specifies the IPv4 addresses for the DNS servers that your SMB file server belongs to. This parameter applies only if AuthenticationType is set to KERBEROS. If you have multiple domains in your environment, configuring this parameter makes sure that DataSync connects to the right SMB file server." + }, "domain": { "type": "string", "description": "The name of the Windows domain that the SMB server belongs to." }, + "kerberosKeytab": { + "type": "string", + "description": "The Base64 string representation of the Keytab file. Specifies your Kerberos key table (keytab) file, which includes mappings between your service principal name (SPN) and encryption keys. To avoid task execution errors, make sure that the SPN in the keytab file matches exactly what you specify for KerberosPrincipal and in your krb5.conf file." + }, + "kerberosKrb5Conf": { + "type": "string", + "description": "The string representation of the Krb5Conf file, or the presigned URL to access the Krb5.conf file within an S3 bucket. Specifies a Kerberos configuration file (krb5.conf) that defines your Kerberos realm configuration. To avoid task execution errors, make sure that the service principal name (SPN) in the krb5.conf file matches exactly what you specify for KerberosPrincipal and in your keytab file." + }, + "kerberosPrincipal": { + "type": "string", + "description": "Specifies a service principal name (SPN), which is an identity in your Kerberos realm that has permission to access the files, folders, and file metadata in your SMB file server. SPNs are case sensitive and must include a prepended cifs/. For example, an SPN might look like cifs/kerberosuser@EXAMPLE.COM. Your task execution will fail if the SPN that you provide for this parameter doesn't match exactly what's in your keytab or krb5.conf files." + }, "mountOptions": { "$ref": "#/types/aws-native:datasync:LocationSmbMountOptions", "description": "Specifies the version of the SMB protocol that DataSync uses to access your SMB file server." @@ -28770,10 +28845,33 @@ }, "description": "The Amazon Resource Names (ARNs) of agents to use for a Simple Message Block (SMB) location." }, + "authenticationType": { + "$ref": "#/types/aws-native:datasync:LocationSmbAuthenticationType", + "description": "The authentication mode used to determine identity of user." + }, + "dnsIpAddresses": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Specifies the IPv4 addresses for the DNS servers that your SMB file server belongs to. This parameter applies only if AuthenticationType is set to KERBEROS. If you have multiple domains in your environment, configuring this parameter makes sure that DataSync connects to the right SMB file server." + }, "domain": { "type": "string", "description": "The name of the Windows domain that the SMB server belongs to." }, + "kerberosKeytab": { + "type": "string", + "description": "The Base64 string representation of the Keytab file. Specifies your Kerberos key table (keytab) file, which includes mappings between your service principal name (SPN) and encryption keys. To avoid task execution errors, make sure that the SPN in the keytab file matches exactly what you specify for KerberosPrincipal and in your krb5.conf file." + }, + "kerberosKrb5Conf": { + "type": "string", + "description": "The string representation of the Krb5Conf file, or the presigned URL to access the Krb5.conf file within an S3 bucket. Specifies a Kerberos configuration file (krb5.conf) that defines your Kerberos realm configuration. To avoid task execution errors, make sure that the service principal name (SPN) in the krb5.conf file matches exactly what you specify for KerberosPrincipal and in your keytab file." + }, + "kerberosPrincipal": { + "type": "string", + "description": "Specifies a service principal name (SPN), which is an identity in your Kerberos realm that has permission to access the files, folders, and file metadata in your SMB file server. SPNs are case sensitive and must include a prepended cifs/. For example, an SPN might look like cifs/kerberosuser@EXAMPLE.COM. Your task execution will fail if the SPN that you provide for this parameter doesn't match exactly what's in your keytab or krb5.conf files." + }, "locationArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the SMB location that is created." @@ -28792,8 +28890,7 @@ }, "serverHostname": { "type": "string", - "description": "The name of the SMB server. This value is the IP address or Domain Name Service (DNS) name of the SMB server.", - "replaceOnChanges": true + "description": "The name of the SMB server. This value is the IP address or Domain Name Service (DNS) name of the SMB server." }, "subdirectory": { "type": "string", @@ -28812,17 +28909,15 @@ } }, "required": [ - "agentArns", - "user" - ], - "createOnly": [ - "serverHostname" + "agentArns" ], "readOnly": [ "locationArn", "locationUri" ], "writeOnly": [ + "kerberosKeytab", + "kerberosKrb5Conf", "password", "serverHostname", "subdirectory" @@ -42265,7 +42360,7 @@ "items": { "$ref": "#/types/aws-native:ecs:ClusterSettings" }, - "description": "The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights for a cluster." + "description": "The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights with enhanced observability or CloudWatch Container Insights for a cluster.\n Container Insights with enhanced observability provides all the Container Insights metrics, plus additional task and container metrics. This version supports enhanced observability for Amazon ECS clusters using the Amazon EC2 and Fargate launch types. After you configure Container Insights with enhanced observability on Amazon ECS, Container Insights auto-collects detailed infrastructure telemetry from the cluster level down to the container level in your environment and displays these critical performance data in curated dashboards removing the heavy lifting in observability set-up. \n For more information, see [Monitor Amazon ECS containers using Container Insights with enhanced observability](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cloudwatch-container-insights.html) in the *Amazon Elastic Container Service Developer Guide*." }, "configuration": { "$ref": "#/types/aws-native:ecs:ClusterConfiguration", @@ -42312,7 +42407,7 @@ "items": { "$ref": "#/types/aws-native:ecs:ClusterSettings" }, - "description": "The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights for a cluster." + "description": "The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights with enhanced observability or CloudWatch Container Insights for a cluster.\n Container Insights with enhanced observability provides all the Container Insights metrics, plus additional task and container metrics. This version supports enhanced observability for Amazon ECS clusters using the Amazon EC2 and Fargate launch types. After you configure Container Insights with enhanced observability on Amazon ECS, Container Insights auto-collects detailed infrastructure telemetry from the cluster level down to the container level in your environment and displays these critical performance data in curated dashboards removing the heavy lifting in observability set-up. \n For more information, see [Monitor Amazon ECS containers using Container Insights with enhanced observability](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cloudwatch-container-insights.html) in the *Amazon Elastic Container Service Developer Guide*." }, "configuration": { "$ref": "#/types/aws-native:ecs:ClusterConfiguration", @@ -43453,7 +43548,7 @@ "items": { "type": "string" }, - "description": "Up to five VPC security group IDs, of the form ``sg-xxxxxxxx``. These must be for the same VPC as subnet specified." + "description": "VPC security group IDs, of the form ``sg-xxxxxxxx``. These must be for the same VPC as the subnet specified. The maximum number of security groups depends on account quota. For more information, see [Amazon VPC Quotas](https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html) in the *Amazon VPC User Guide* (see the *Security Groups* table)." }, "subnetId": { "type": "string", @@ -43480,7 +43575,7 @@ "items": { "type": "string" }, - "description": "Up to five VPC security group IDs, of the form ``sg-xxxxxxxx``. These must be for the same VPC as subnet specified." + "description": "VPC security group IDs, of the form ``sg-xxxxxxxx``. These must be for the same VPC as the subnet specified. The maximum number of security groups depends on account quota. For more information, see [Amazon VPC Quotas](https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html) in the *Amazon VPC User Guide* (see the *Security Groups* table)." }, "subnetId": { "type": "string", @@ -46675,6 +46770,10 @@ "type": "string", "description": "Name of the virtual cluster." }, + "securityConfigurationId": { + "type": "string", + "description": "The ID of the security configuration." + }, "tags": { "type": "array", "items": { @@ -46702,6 +46801,10 @@ "description": "Name of the virtual cluster.", "replaceOnChanges": true }, + "securityConfigurationId": { + "type": "string", + "description": "The ID of the security configuration." + }, "tags": { "type": "array", "items": { @@ -49236,7 +49339,7 @@ }, "securityServicePolicyData": { "$ref": "#/types/aws-native:fms:PolicySecurityServicePolicyData", - "description": "Details about the security service that is being used to protect the resources.\n\nThis contains the following settings:\n\n- Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting AWS Support .\n\nValid values: `DNS_FIREWALL` | `NETWORK_FIREWALL` | `SECURITY_GROUPS_COMMON` | `SECURITY_GROUPS_CONTENT_AUDIT` | `SECURITY_GROUPS_USAGE_AUDIT` | `SHIELD_ADVANCED` | `THIRD_PARTY_FIREWALL` | `WAFV2` | `WAF`\n- ManagedServiceData - Details about the service that are specific to the service type, in JSON format.\n\n- Example: `DNS_FIREWALL`\n\n`\"{\\\"type\\\":\\\"DNS_FIREWALL\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-1\\\",\\\"priority\\\":10}],\\\"postProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-2\\\",\\\"priority\\\":9911}]}\"`\n\n\u003e Valid values for `preProcessRuleGroups` are between 1 and 99. Valid values for `postProcessRuleGroups` are between 9901 and 10000.\n- Example: `NETWORK_FIREWALL` - Centralized deployment model\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"awsNetworkFirewallConfig\\\":{\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}},\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"OFF\\\"},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nWith automatic Availbility Zone configuration, Firewall Manager chooses which Availability Zones to create the endpoints in. To use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"]},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\": \\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\", \\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{ \\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[ \\\"10.0.0.0/28\\\"]}]} },\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"OFF\\\",\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nWith custom Availability Zone configuration, you define which specific Availability Zones to create endpoints in by configuring `firewallCreationConfig` . To configure the Availability Zones in `firewallCreationConfig` , specify either the `availabilityZoneName` or `availabilityZoneId` parameter, not both parameters.\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"],\\\"routeManagementConfig\\\":{\\\"allowCrossAZTrafficIfNoEndpoint\\\":true}},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall centralized deployment model\n\n`\"{ \\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\", \\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\", \\\"thirdPartyFirewallConfig\\\":{ \\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `CENTRALIZED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall distributed deployment model\n\n`\"{\\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\",\\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\",\\\"thirdPartyFirewallConfig\\\":{\\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{ \\\"distributedFirewallDeploymentModel\\\":{ \\\"distributedFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{ \\\"availabilityZoneConfigList\\\":[ {\\\"availabilityZoneName\\\":\\\"${AvailabilityZone}\\\" } ] } }, \\\"allowedIPV4CidrList\\\":[ ] } } } }\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `DISTRIBUTED` .\n- Specification for `SHIELD_ADVANCED` for Amazon CloudFront distributions\n\n`\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED|IGNORED|DISABLED\\\", \\\"automaticResponseAction\\\":\\\"BLOCK|COUNT\\\"}, \\\"overrideCustomerWebaclClassic\\\":true|false}\"`\n\nFor example: `\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED\\\", \\\"automaticResponseAction\\\":\\\"COUNT\\\"}}\"`\n\nThe default value for `automaticResponseStatus` is `IGNORED` . The value for `automaticResponseAction` is only required when `automaticResponseStatus` is set to `ENABLED` . The default value for `overrideCustomerWebaclClassic` is `false` .\n\nFor other resource types that you can protect with a Shield Advanced policy, this `ManagedServiceData` configuration is an empty string.\n- Example: `WAFV2`\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"version\\\":null,\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesAmazonIpReputationList\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nIn the `loggingConfiguration` , you can specify one `logDestinationConfigs` , you can optionally provide up to 20 `redactedFields` , and the `RedactedFieldType` must be one of `URI` , `QUERY_STRING` , `HEADER` , or `METHOD` .\n- Example: `AWS WAF Classic`\n\n`\"{\\\"type\\\": \\\"WAF\\\", \\\"ruleGroups\\\": [{\\\"id\\\":\\\"12345678-1bcd-9012-efga-0987654321ab\\\", \\\"overrideAction\\\" : {\\\"type\\\": \\\"COUNT\\\"}}], \\\"defaultAction\\\": {\\\"type\\\": \\\"BLOCK\\\"}}\"`\n- Example: `WAFV2` - AWS Firewall Manager support for AWS WAF managed rule group versioning\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"versionEnabled\\\":true,\\\"version\\\":\\\"Version_2.0\\\",\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesCommonRuleSet\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nTo use a specific version of a AWS WAF managed rule group in your Firewall Manager policy, you must set `versionEnabled` to `true` , and set `version` to the version you'd like to use. If you don't set `versionEnabled` to `true` , or if you omit `versionEnabled` , then Firewall Manager uses the default version of the AWS WAF managed rule group.\n- Example: `SECURITY_GROUPS_COMMON`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: Shared VPCs. Apply the preceding policy to resources in shared VPCs as well as to those in VPCs that the account owns\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"includeSharedVPC\\\":true,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: `SECURITY_GROUPS_CONTENT_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_CONTENT_AUDIT\\\",\\\"securityGroups\\\":[{\\\"id\\\":\\\"sg-000e55995d61a06bd\\\"}],\\\"securityGroupAction\\\":{\\\"type\\\":\\\"ALLOW\\\"}}\"`\n\nThe security group action for content audit can be `ALLOW` or `DENY` . For `ALLOW` , all in-scope security group rules must be within the allowed range of the policy's security group rules. For `DENY` , all in-scope security group rules must not contain a value or a range that matches a rule value or range in the policy security group.\n- Example: `SECURITY_GROUPS_USAGE_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_USAGE_AUDIT\\\",\\\"deleteUnusedSecurityGroups\\\":true,\\\"coalesceRedundantSecurityGroups\\\":true}\"`" + "description": "Details about the security service that is being used to protect the resources.\n\nThis contains the following settings:\n\n- Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting .\n\nValid values: `DNS_FIREWALL` | `NETWORK_FIREWALL` | `SECURITY_GROUPS_COMMON` | `SECURITY_GROUPS_CONTENT_AUDIT` | `SECURITY_GROUPS_USAGE_AUDIT` | `SHIELD_ADVANCED` | `THIRD_PARTY_FIREWALL` | `WAFV2` | `WAF`\n- ManagedServiceData - Details about the service that are specific to the service type, in JSON format.\n\n- Example: `DNS_FIREWALL`\n\n`\"{\\\"type\\\":\\\"DNS_FIREWALL\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-1\\\",\\\"priority\\\":10}],\\\"postProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-2\\\",\\\"priority\\\":9911}]}\"`\n\n\u003e Valid values for `preProcessRuleGroups` are between 1 and 99. Valid values for `postProcessRuleGroups` are between 9901 and 10000.\n- Example: `NETWORK_FIREWALL` - Centralized deployment model\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"awsNetworkFirewallConfig\\\":{\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}},\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"OFF\\\"},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nWith automatic Availbility Zone configuration, Firewall Manager chooses which Availability Zones to create the endpoints in. To use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"]},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\": \\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\", \\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{ \\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[ \\\"10.0.0.0/28\\\"]}]} },\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"OFF\\\",\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nWith custom Availability Zone configuration, you define which specific Availability Zones to create endpoints in by configuring `firewallCreationConfig` . To configure the Availability Zones in `firewallCreationConfig` , specify either the `availabilityZoneName` or `availabilityZoneId` parameter, not both parameters.\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"],\\\"routeManagementConfig\\\":{\\\"allowCrossAZTrafficIfNoEndpoint\\\":true}},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall centralized deployment model\n\n`\"{ \\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\", \\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\", \\\"thirdPartyFirewallConfig\\\":{ \\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `CENTRALIZED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall distributed deployment model\n\n`\"{\\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\",\\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\",\\\"thirdPartyFirewallConfig\\\":{\\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{ \\\"distributedFirewallDeploymentModel\\\":{ \\\"distributedFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{ \\\"availabilityZoneConfigList\\\":[ {\\\"availabilityZoneName\\\":\\\"${AvailabilityZone}\\\" } ] } }, \\\"allowedIPV4CidrList\\\":[ ] } } } }\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `DISTRIBUTED` .\n- Specification for `SHIELD_ADVANCED` for Amazon CloudFront distributions\n\n`\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED|IGNORED|DISABLED\\\", \\\"automaticResponseAction\\\":\\\"BLOCK|COUNT\\\"}, \\\"overrideCustomerWebaclClassic\\\":true|false}\"`\n\nFor example: `\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED\\\", \\\"automaticResponseAction\\\":\\\"COUNT\\\"}}\"`\n\nThe default value for `automaticResponseStatus` is `IGNORED` . The value for `automaticResponseAction` is only required when `automaticResponseStatus` is set to `ENABLED` . The default value for `overrideCustomerWebaclClassic` is `false` .\n\nFor other resource types that you can protect with a Shield Advanced policy, this `ManagedServiceData` configuration is an empty string.\n- Example: `WAFV2`\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"version\\\":null,\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesAmazonIpReputationList\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nIn the `loggingConfiguration` , you can specify one `logDestinationConfigs` , you can optionally provide up to 20 `redactedFields` , and the `RedactedFieldType` must be one of `URI` , `QUERY_STRING` , `HEADER` , or `METHOD` .\n- Example: `AWS WAF Classic`\n\n`\"{\\\"type\\\": \\\"WAF\\\", \\\"ruleGroups\\\": [{\\\"id\\\":\\\"12345678-1bcd-9012-efga-0987654321ab\\\", \\\"overrideAction\\\" : {\\\"type\\\": \\\"COUNT\\\"}}], \\\"defaultAction\\\": {\\\"type\\\": \\\"BLOCK\\\"}}\"`\n- Example: `WAFV2` - AWS Firewall Manager support for AWS WAF managed rule group versioning\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"versionEnabled\\\":true,\\\"version\\\":\\\"Version_2.0\\\",\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesCommonRuleSet\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nTo use a specific version of a AWS WAF managed rule group in your Firewall Manager policy, you must set `versionEnabled` to `true` , and set `version` to the version you'd like to use. If you don't set `versionEnabled` to `true` , or if you omit `versionEnabled` , then Firewall Manager uses the default version of the AWS WAF managed rule group.\n- Example: `SECURITY_GROUPS_COMMON`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: Shared VPCs. Apply the preceding policy to resources in shared VPCs as well as to those in VPCs that the account owns\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"includeSharedVPC\\\":true,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: `SECURITY_GROUPS_CONTENT_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_CONTENT_AUDIT\\\",\\\"securityGroups\\\":[{\\\"id\\\":\\\"sg-000e55995d61a06bd\\\"}],\\\"securityGroupAction\\\":{\\\"type\\\":\\\"ALLOW\\\"}}\"`\n\nThe security group action for content audit can be `ALLOW` or `DENY` . For `ALLOW` , all in-scope security group rules must be within the allowed range of the policy's security group rules. For `DENY` , all in-scope security group rules must not contain a value or a range that matches a rule value or range in the policy security group.\n- Example: `SECURITY_GROUPS_USAGE_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_USAGE_AUDIT\\\",\\\"deleteUnusedSecurityGroups\\\":true,\\\"coalesceRedundantSecurityGroups\\\":true}\"`" }, "tags": { "type": "array", @@ -49318,7 +49421,7 @@ }, "securityServicePolicyData": { "$ref": "#/types/aws-native:fms:PolicySecurityServicePolicyData", - "description": "Details about the security service that is being used to protect the resources.\n\nThis contains the following settings:\n\n- Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting AWS Support .\n\nValid values: `DNS_FIREWALL` | `NETWORK_FIREWALL` | `SECURITY_GROUPS_COMMON` | `SECURITY_GROUPS_CONTENT_AUDIT` | `SECURITY_GROUPS_USAGE_AUDIT` | `SHIELD_ADVANCED` | `THIRD_PARTY_FIREWALL` | `WAFV2` | `WAF`\n- ManagedServiceData - Details about the service that are specific to the service type, in JSON format.\n\n- Example: `DNS_FIREWALL`\n\n`\"{\\\"type\\\":\\\"DNS_FIREWALL\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-1\\\",\\\"priority\\\":10}],\\\"postProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-2\\\",\\\"priority\\\":9911}]}\"`\n\n\u003e Valid values for `preProcessRuleGroups` are between 1 and 99. Valid values for `postProcessRuleGroups` are between 9901 and 10000.\n- Example: `NETWORK_FIREWALL` - Centralized deployment model\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"awsNetworkFirewallConfig\\\":{\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}},\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"OFF\\\"},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nWith automatic Availbility Zone configuration, Firewall Manager chooses which Availability Zones to create the endpoints in. To use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"]},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\": \\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\", \\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{ \\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[ \\\"10.0.0.0/28\\\"]}]} },\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"OFF\\\",\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nWith custom Availability Zone configuration, you define which specific Availability Zones to create endpoints in by configuring `firewallCreationConfig` . To configure the Availability Zones in `firewallCreationConfig` , specify either the `availabilityZoneName` or `availabilityZoneId` parameter, not both parameters.\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"],\\\"routeManagementConfig\\\":{\\\"allowCrossAZTrafficIfNoEndpoint\\\":true}},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall centralized deployment model\n\n`\"{ \\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\", \\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\", \\\"thirdPartyFirewallConfig\\\":{ \\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `CENTRALIZED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall distributed deployment model\n\n`\"{\\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\",\\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\",\\\"thirdPartyFirewallConfig\\\":{\\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{ \\\"distributedFirewallDeploymentModel\\\":{ \\\"distributedFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{ \\\"availabilityZoneConfigList\\\":[ {\\\"availabilityZoneName\\\":\\\"${AvailabilityZone}\\\" } ] } }, \\\"allowedIPV4CidrList\\\":[ ] } } } }\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `DISTRIBUTED` .\n- Specification for `SHIELD_ADVANCED` for Amazon CloudFront distributions\n\n`\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED|IGNORED|DISABLED\\\", \\\"automaticResponseAction\\\":\\\"BLOCK|COUNT\\\"}, \\\"overrideCustomerWebaclClassic\\\":true|false}\"`\n\nFor example: `\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED\\\", \\\"automaticResponseAction\\\":\\\"COUNT\\\"}}\"`\n\nThe default value for `automaticResponseStatus` is `IGNORED` . The value for `automaticResponseAction` is only required when `automaticResponseStatus` is set to `ENABLED` . The default value for `overrideCustomerWebaclClassic` is `false` .\n\nFor other resource types that you can protect with a Shield Advanced policy, this `ManagedServiceData` configuration is an empty string.\n- Example: `WAFV2`\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"version\\\":null,\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesAmazonIpReputationList\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nIn the `loggingConfiguration` , you can specify one `logDestinationConfigs` , you can optionally provide up to 20 `redactedFields` , and the `RedactedFieldType` must be one of `URI` , `QUERY_STRING` , `HEADER` , or `METHOD` .\n- Example: `AWS WAF Classic`\n\n`\"{\\\"type\\\": \\\"WAF\\\", \\\"ruleGroups\\\": [{\\\"id\\\":\\\"12345678-1bcd-9012-efga-0987654321ab\\\", \\\"overrideAction\\\" : {\\\"type\\\": \\\"COUNT\\\"}}], \\\"defaultAction\\\": {\\\"type\\\": \\\"BLOCK\\\"}}\"`\n- Example: `WAFV2` - AWS Firewall Manager support for AWS WAF managed rule group versioning\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"versionEnabled\\\":true,\\\"version\\\":\\\"Version_2.0\\\",\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesCommonRuleSet\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nTo use a specific version of a AWS WAF managed rule group in your Firewall Manager policy, you must set `versionEnabled` to `true` , and set `version` to the version you'd like to use. If you don't set `versionEnabled` to `true` , or if you omit `versionEnabled` , then Firewall Manager uses the default version of the AWS WAF managed rule group.\n- Example: `SECURITY_GROUPS_COMMON`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: Shared VPCs. Apply the preceding policy to resources in shared VPCs as well as to those in VPCs that the account owns\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"includeSharedVPC\\\":true,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: `SECURITY_GROUPS_CONTENT_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_CONTENT_AUDIT\\\",\\\"securityGroups\\\":[{\\\"id\\\":\\\"sg-000e55995d61a06bd\\\"}],\\\"securityGroupAction\\\":{\\\"type\\\":\\\"ALLOW\\\"}}\"`\n\nThe security group action for content audit can be `ALLOW` or `DENY` . For `ALLOW` , all in-scope security group rules must be within the allowed range of the policy's security group rules. For `DENY` , all in-scope security group rules must not contain a value or a range that matches a rule value or range in the policy security group.\n- Example: `SECURITY_GROUPS_USAGE_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_USAGE_AUDIT\\\",\\\"deleteUnusedSecurityGroups\\\":true,\\\"coalesceRedundantSecurityGroups\\\":true}\"`" + "description": "Details about the security service that is being used to protect the resources.\n\nThis contains the following settings:\n\n- Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting .\n\nValid values: `DNS_FIREWALL` | `NETWORK_FIREWALL` | `SECURITY_GROUPS_COMMON` | `SECURITY_GROUPS_CONTENT_AUDIT` | `SECURITY_GROUPS_USAGE_AUDIT` | `SHIELD_ADVANCED` | `THIRD_PARTY_FIREWALL` | `WAFV2` | `WAF`\n- ManagedServiceData - Details about the service that are specific to the service type, in JSON format.\n\n- Example: `DNS_FIREWALL`\n\n`\"{\\\"type\\\":\\\"DNS_FIREWALL\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-1\\\",\\\"priority\\\":10}],\\\"postProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-2\\\",\\\"priority\\\":9911}]}\"`\n\n\u003e Valid values for `preProcessRuleGroups` are between 1 and 99. Valid values for `postProcessRuleGroups` are between 9901 and 10000.\n- Example: `NETWORK_FIREWALL` - Centralized deployment model\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"awsNetworkFirewallConfig\\\":{\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}},\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"OFF\\\"},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nWith automatic Availbility Zone configuration, Firewall Manager chooses which Availability Zones to create the endpoints in. To use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"]},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\": \\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\", \\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{ \\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[ \\\"10.0.0.0/28\\\"]}]} },\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"OFF\\\",\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nWith custom Availability Zone configuration, you define which specific Availability Zones to create endpoints in by configuring `firewallCreationConfig` . To configure the Availability Zones in `firewallCreationConfig` , specify either the `availabilityZoneName` or `availabilityZoneId` parameter, not both parameters.\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"],\\\"routeManagementConfig\\\":{\\\"allowCrossAZTrafficIfNoEndpoint\\\":true}},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall centralized deployment model\n\n`\"{ \\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\", \\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\", \\\"thirdPartyFirewallConfig\\\":{ \\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `CENTRALIZED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall distributed deployment model\n\n`\"{\\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\",\\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\",\\\"thirdPartyFirewallConfig\\\":{\\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{ \\\"distributedFirewallDeploymentModel\\\":{ \\\"distributedFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{ \\\"availabilityZoneConfigList\\\":[ {\\\"availabilityZoneName\\\":\\\"${AvailabilityZone}\\\" } ] } }, \\\"allowedIPV4CidrList\\\":[ ] } } } }\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `DISTRIBUTED` .\n- Specification for `SHIELD_ADVANCED` for Amazon CloudFront distributions\n\n`\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED|IGNORED|DISABLED\\\", \\\"automaticResponseAction\\\":\\\"BLOCK|COUNT\\\"}, \\\"overrideCustomerWebaclClassic\\\":true|false}\"`\n\nFor example: `\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED\\\", \\\"automaticResponseAction\\\":\\\"COUNT\\\"}}\"`\n\nThe default value for `automaticResponseStatus` is `IGNORED` . The value for `automaticResponseAction` is only required when `automaticResponseStatus` is set to `ENABLED` . The default value for `overrideCustomerWebaclClassic` is `false` .\n\nFor other resource types that you can protect with a Shield Advanced policy, this `ManagedServiceData` configuration is an empty string.\n- Example: `WAFV2`\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"version\\\":null,\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesAmazonIpReputationList\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nIn the `loggingConfiguration` , you can specify one `logDestinationConfigs` , you can optionally provide up to 20 `redactedFields` , and the `RedactedFieldType` must be one of `URI` , `QUERY_STRING` , `HEADER` , or `METHOD` .\n- Example: `AWS WAF Classic`\n\n`\"{\\\"type\\\": \\\"WAF\\\", \\\"ruleGroups\\\": [{\\\"id\\\":\\\"12345678-1bcd-9012-efga-0987654321ab\\\", \\\"overrideAction\\\" : {\\\"type\\\": \\\"COUNT\\\"}}], \\\"defaultAction\\\": {\\\"type\\\": \\\"BLOCK\\\"}}\"`\n- Example: `WAFV2` - AWS Firewall Manager support for AWS WAF managed rule group versioning\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"versionEnabled\\\":true,\\\"version\\\":\\\"Version_2.0\\\",\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesCommonRuleSet\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nTo use a specific version of a AWS WAF managed rule group in your Firewall Manager policy, you must set `versionEnabled` to `true` , and set `version` to the version you'd like to use. If you don't set `versionEnabled` to `true` , or if you omit `versionEnabled` , then Firewall Manager uses the default version of the AWS WAF managed rule group.\n- Example: `SECURITY_GROUPS_COMMON`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: Shared VPCs. Apply the preceding policy to resources in shared VPCs as well as to those in VPCs that the account owns\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"includeSharedVPC\\\":true,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: `SECURITY_GROUPS_CONTENT_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_CONTENT_AUDIT\\\",\\\"securityGroups\\\":[{\\\"id\\\":\\\"sg-000e55995d61a06bd\\\"}],\\\"securityGroupAction\\\":{\\\"type\\\":\\\"ALLOW\\\"}}\"`\n\nThe security group action for content audit can be `ALLOW` or `DENY` . For `ALLOW` , all in-scope security group rules must be within the allowed range of the policy's security group rules. For `DENY` , all in-scope security group rules must not contain a value or a range that matches a rule value or range in the policy security group.\n- Example: `SECURITY_GROUPS_USAGE_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_USAGE_AUDIT\\\",\\\"deleteUnusedSecurityGroups\\\":true,\\\"coalesceRedundantSecurityGroups\\\":true}\"`" }, "tags": { "type": "array", @@ -53636,18 +53739,21 @@ }, "contactPostPassDurationSeconds": { "type": "integer", - "description": "Amount of time, in seconds, after a contact ends that the Ground Station Dataflow Endpoint Group will be in a POSTPASS state. A Ground Station Dataflow Endpoint Group State Change event will be emitted when the Dataflow Endpoint Group enters and exits the POSTPASS state." + "description": "Amount of time, in seconds, after a contact ends that the Ground Station Dataflow Endpoint Group will be in a POSTPASS state. A Ground Station Dataflow Endpoint Group State Change event will be emitted when the Dataflow Endpoint Group enters and exits the POSTPASS state.", + "replaceOnChanges": true }, "contactPrePassDurationSeconds": { "type": "integer", - "description": "Amount of time, in seconds, before a contact starts that the Ground Station Dataflow Endpoint Group will be in a PREPASS state. A Ground Station Dataflow Endpoint Group State Change event will be emitted when the Dataflow Endpoint Group enters and exits the PREPASS state." + "description": "Amount of time, in seconds, before a contact starts that the Ground Station Dataflow Endpoint Group will be in a PREPASS state. A Ground Station Dataflow Endpoint Group State Change event will be emitted when the Dataflow Endpoint Group enters and exits the PREPASS state.", + "replaceOnChanges": true }, "endpointDetails": { "type": "array", "items": { "$ref": "#/types/aws-native:groundstation:DataflowEndpointGroupEndpointDetails" }, - "description": "List of Endpoint Details, containing address and port for each endpoint." + "description": "List of Endpoint Details, containing address and port for each endpoint.", + "replaceOnChanges": true }, "tags": { "type": "array", @@ -53660,6 +53766,11 @@ "required": [ "endpointDetails" ], + "createOnly": [ + "contactPostPassDurationSeconds", + "contactPrePassDurationSeconds", + "endpointDetails" + ], "readOnly": [ "arn", "id" @@ -96186,9 +96297,6 @@ "accessGrantsInstanceArn", "accessGrantsInstanceId" ], - "writeOnly": [ - "tags" - ], "tagsProperty": "tags", "tagsStyle": "keyValueArrayCreateOnly", "primaryIdentifier": [ @@ -108911,6 +109019,83 @@ "arn" ] }, + "aws-native:transfer:WebApp": { + "cf": "AWS::Transfer::WebApp", + "inputs": { + "accessEndpoint": { + "type": "string", + "description": "The AccessEndpoint is the URL that you provide to your users for them to interact with the Transfer Family web app. You can specify a custom URL or use the default value." + }, + "identityProviderDetails": { + "$ref": "#/types/aws-native:transfer:WebAppIdentityProviderDetails", + "description": "You can provide a structure that contains the details for the identity provider to use with your web app.\n\nFor more details about this parameter, see [Configure your identity provider for Transfer Family web apps](https://docs.aws.amazon.com//transfer/latest/userguide/webapp-identity-center.html) ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Key-value pairs that can be used to group and search for web apps." + }, + "webAppCustomization": { + "$ref": "#/types/aws-native:transfer:WebAppCustomization", + "description": "A structure that contains the customization fields for the web app. You can provide a title, logo, and icon to customize the appearance of your web app." + }, + "webAppUnits": { + "$ref": "#/types/aws-native:transfer:WebAppUnitsProperties", + "description": "A union that contains the value for number of concurrent connections or the user sessions on your web app." + } + }, + "outputs": { + "accessEndpoint": { + "type": "string", + "description": "The AccessEndpoint is the URL that you provide to your users for them to interact with the Transfer Family web app. You can specify a custom URL or use the default value." + }, + "arn": { + "type": "string", + "description": "Specifies the unique Amazon Resource Name (ARN) for the web app." + }, + "identityProviderDetails": { + "$ref": "#/types/aws-native:transfer:WebAppIdentityProviderDetails", + "description": "You can provide a structure that contains the details for the identity provider to use with your web app.\n\nFor more details about this parameter, see [Configure your identity provider for Transfer Family web apps](https://docs.aws.amazon.com//transfer/latest/userguide/webapp-identity-center.html) ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Key-value pairs that can be used to group and search for web apps." + }, + "webAppCustomization": { + "$ref": "#/types/aws-native:transfer:WebAppCustomization", + "description": "A structure that contains the customization fields for the web app. You can provide a title, logo, and icon to customize the appearance of your web app." + }, + "webAppId": { + "type": "string", + "description": "A unique identifier for the web app." + }, + "webAppUnits": { + "$ref": "#/types/aws-native:transfer:WebAppUnitsProperties", + "description": "A union that contains the value for number of concurrent connections or the user sessions on your web app." + } + }, + "required": [ + "identityProviderDetails" + ], + "createOnly": [ + "identityProviderDetails/instanceArn" + ], + "readOnly": [ + "arn", + "identityProviderDetails/applicationArn", + "webAppId" + ], + "tagsProperty": "tags", + "tagsStyle": "keyValueArray", + "primaryIdentifier": [ + "arn" + ] + }, "aws-native:transfer:Workflow": { "cf": "AWS::Transfer::Workflow", "inputs": { @@ -128071,6 +128256,9 @@ } } }, + "aws-native:bedrock:PromptAdditionalModelRequestFields": { + "type": "object" + }, "aws-native:bedrock:PromptAgentResource": { "type": "object", "properties": { @@ -128086,6 +128274,17 @@ "aws-native:bedrock:PromptAutoToolChoice": { "type": "object" }, + "aws-native:bedrock:PromptCachePointBlock": { + "type": "object", + "properties": { + "type": { + "$ref": "#/types/aws-native:bedrock:PromptCachePointType" + } + } + }, + "aws-native:bedrock:PromptCachePointType": { + "type": "string" + }, "aws-native:bedrock:PromptChatPromptTemplateConfiguration": { "type": "object", "properties": { @@ -128106,7 +128305,14 @@ "system": { "type": "array", "items": { - "$ref": "#/types/aws-native:bedrock:PromptSystemContentBlockProperties" + "oneOf": [ + { + "$ref": "#/types/aws-native:bedrock:PromptSystemContentBlock0Properties" + }, + { + "$ref": "#/types/aws-native:bedrock:PromptSystemContentBlock1Properties" + } + ] }, "description": "Configuration for chat prompt template" }, @@ -128124,12 +128330,11 @@ } } }, - "aws-native:bedrock:PromptContentBlockProperties": { + "aws-native:bedrock:PromptContentBlock1Properties": { "type": "object", "properties": { - "text": { - "type": "string", - "description": "Configuration for chat prompt template" + "cachePoint": { + "$ref": "#/types/aws-native:bedrock:PromptCachePointBlock" } } }, @@ -128183,7 +128388,14 @@ "content": { "type": "array", "items": { - "$ref": "#/types/aws-native:bedrock:PromptContentBlockProperties" + "oneOf": [ + { + "$ref": "#/types/aws-native:bedrock:PromptContentBlock0Properties" + }, + { + "$ref": "#/types/aws-native:bedrock:PromptContentBlock1Properties" + } + ] }, "description": "List of Content Blocks" }, @@ -128234,12 +128446,11 @@ } } }, - "aws-native:bedrock:PromptSystemContentBlockProperties": { + "aws-native:bedrock:PromptSystemContentBlock1Properties": { "type": "object", "properties": { - "text": { - "type": "string", - "description": "Configuration for chat prompt template" + "cachePoint": { + "$ref": "#/types/aws-native:bedrock:PromptCachePointBlock" } } }, @@ -128265,6 +128476,9 @@ "aws-native:bedrock:PromptTextPromptTemplateConfiguration": { "type": "object", "properties": { + "cachePoint": { + "$ref": "#/types/aws-native:bedrock:PromptCachePointBlock" + }, "inputVariables": { "type": "array", "items": { @@ -128309,6 +128523,14 @@ } } }, + "aws-native:bedrock:PromptTool1Properties": { + "type": "object", + "properties": { + "cachePoint": { + "$ref": "#/types/aws-native:bedrock:PromptCachePointBlock" + } + } + }, "aws-native:bedrock:PromptToolChoice0Properties": { "type": "object", "properties": { @@ -128352,7 +128574,14 @@ "tools": { "type": "array", "items": { - "$ref": "#/types/aws-native:bedrock:PromptToolProperties" + "oneOf": [ + { + "$ref": "#/types/aws-native:bedrock:PromptTool0Properties" + }, + { + "$ref": "#/types/aws-native:bedrock:PromptTool1Properties" + } + ] }, "description": "List of Tools" } @@ -128374,14 +128603,6 @@ } } }, - "aws-native:bedrock:PromptToolProperties": { - "type": "object", - "properties": { - "toolSpec": { - "$ref": "#/types/aws-native:bedrock:PromptToolSpecification" - } - } - }, "aws-native:bedrock:PromptToolSpecification": { "type": "object", "properties": { @@ -128400,6 +128621,10 @@ "aws-native:bedrock:PromptVariant": { "type": "object", "properties": { + "additionalModelRequestFields": { + "$ref": "#/types/aws-native:bedrock:PromptAdditionalModelRequestFields", + "description": "Contains model-specific inference configurations that aren't in the `inferenceConfiguration` field. To see model-specific inference parameters, see [Inference request parameters and response fields for foundation models](https://docs.aws.amazon.com/bedrock/latest/userguide/model-parameters.html) ." + }, "genAiResource": { "$ref": "#/types/aws-native:bedrock:PromptGenAiResourceProperties", "description": "Specifies a generative AI resource with which to use the prompt." @@ -128433,12 +128658,26 @@ } } }, + "aws-native:bedrock:PromptVersionAdditionalModelRequestFields": { + "type": "object" + }, "aws-native:bedrock:PromptVersionAnyToolChoice": { "type": "object" }, "aws-native:bedrock:PromptVersionAutoToolChoice": { "type": "object" }, + "aws-native:bedrock:PromptVersionCachePointBlock": { + "type": "object", + "properties": { + "type": { + "$ref": "#/types/aws-native:bedrock:PromptVersionCachePointType" + } + } + }, + "aws-native:bedrock:PromptVersionCachePointType": { + "type": "string" + }, "aws-native:bedrock:PromptVersionChatPromptTemplateConfiguration": { "type": "object", "properties": { @@ -128459,7 +128698,14 @@ "system": { "type": "array", "items": { - "$ref": "#/types/aws-native:bedrock:PromptVersionSystemContentBlockProperties" + "oneOf": [ + { + "$ref": "#/types/aws-native:bedrock:PromptVersionSystemContentBlock0Properties" + }, + { + "$ref": "#/types/aws-native:bedrock:PromptVersionSystemContentBlock1Properties" + } + ] }, "description": "Configuration for chat prompt template" }, @@ -128477,12 +128723,11 @@ } } }, - "aws-native:bedrock:PromptVersionContentBlockProperties": { + "aws-native:bedrock:PromptVersionContentBlock1Properties": { "type": "object", "properties": { - "text": { - "type": "string", - "description": "Configuration for chat prompt template" + "cachePoint": { + "$ref": "#/types/aws-native:bedrock:PromptVersionCachePointBlock" } } }, @@ -128495,7 +128740,14 @@ "content": { "type": "array", "items": { - "$ref": "#/types/aws-native:bedrock:PromptVersionContentBlockProperties" + "oneOf": [ + { + "$ref": "#/types/aws-native:bedrock:PromptVersionContentBlock0Properties" + }, + { + "$ref": "#/types/aws-native:bedrock:PromptVersionContentBlock1Properties" + } + ] }, "description": "List of Content Blocks" }, @@ -128600,6 +128852,10 @@ "aws-native:bedrock:PromptVersionPromptVariant": { "type": "object", "properties": { + "additionalModelRequestFields": { + "$ref": "#/types/aws-native:bedrock:PromptVersionAdditionalModelRequestFields", + "description": "Contains model-specific inference configurations that aren't in the `inferenceConfiguration` field. To see model-specific inference parameters, see [Inference request parameters and response fields for foundation models](https://docs.aws.amazon.com/bedrock/latest/userguide/model-parameters.html) ." + }, "genAiResource": { "$ref": "#/types/aws-native:bedrock:PromptVersionPromptGenAiResourceProperties", "description": "Specifies a generative AI resource with which to use the prompt." @@ -128651,18 +128907,20 @@ } } }, - "aws-native:bedrock:PromptVersionSystemContentBlockProperties": { + "aws-native:bedrock:PromptVersionSystemContentBlock1Properties": { "type": "object", "properties": { - "text": { - "type": "string", - "description": "Configuration for chat prompt template" + "cachePoint": { + "$ref": "#/types/aws-native:bedrock:PromptVersionCachePointBlock" } } }, "aws-native:bedrock:PromptVersionTextPromptTemplateConfiguration": { "type": "object", "properties": { + "cachePoint": { + "$ref": "#/types/aws-native:bedrock:PromptVersionCachePointBlock" + }, "inputVariables": { "type": "array", "items": { @@ -128684,6 +128942,14 @@ } } }, + "aws-native:bedrock:PromptVersionTool1Properties": { + "type": "object", + "properties": { + "cachePoint": { + "$ref": "#/types/aws-native:bedrock:PromptVersionCachePointBlock" + } + } + }, "aws-native:bedrock:PromptVersionToolChoice0Properties": { "type": "object", "properties": { @@ -128727,7 +128993,14 @@ "tools": { "type": "array", "items": { - "$ref": "#/types/aws-native:bedrock:PromptVersionToolProperties" + "oneOf": [ + { + "$ref": "#/types/aws-native:bedrock:PromptVersionTool0Properties" + }, + { + "$ref": "#/types/aws-native:bedrock:PromptVersionTool1Properties" + } + ] }, "description": "List of Tools" } @@ -128749,14 +129022,6 @@ } } }, - "aws-native:bedrock:PromptVersionToolProperties": { - "type": "object", - "properties": { - "toolSpec": { - "$ref": "#/types/aws-native:bedrock:PromptVersionToolSpecification" - } - } - }, "aws-native:bedrock:PromptVersionToolSpecification": { "type": "object", "properties": { @@ -140256,6 +140521,9 @@ } } }, + "aws-native:datasync:LocationSmbAuthenticationType": { + "type": "string" + }, "aws-native:datasync:LocationSmbMountOptions": { "type": "object", "properties": { @@ -148494,7 +148762,7 @@ }, "value": { "type": "string", - "description": "The value to set for the cluster setting. The supported values are ``enabled`` and ``disabled``. \n If you set ``name`` to ``containerInsights`` and ``value`` to ``enabled``, CloudWatch Container Insights will be on for the cluster, otherwise it will be off unless the ``containerInsights`` account setting is turned on. If a cluster value is specified, it will override the ``containerInsights`` value set with [PutAccountSetting](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSetting.html) or [PutAccountSettingDefault](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSettingDefault.html)." + "description": "The value to set for the cluster setting. The supported values are ``enhanced``, ``enabled``, and ``disabled``. \n To use Container Insights with enhanced observability, set the ``containerInsights`` account setting to ``enhanced``.\n To use Container Insights, set the ``containerInsights`` account setting to ``enabled``.\n If a cluster value is specified, it will override the ``containerInsights`` value set with [PutAccountSetting](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSetting.html) or [PutAccountSettingDefault](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSettingDefault.html)." } } }, @@ -154324,7 +154592,7 @@ }, "type": { "$ref": "#/types/aws-native:fms:PolicyType", - "description": "The service that the policy is using to protect the resources. This specifies the type of policy that is created, either an AWS WAF policy, a Shield Advanced policy, or a security group policy. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting AWS Support ." + "description": "The service that the policy is using to protect the resources. This specifies the type of policy that is created, either an AWS WAF policy, a Shield Advanced policy, or a security group policy. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting SUPlong ." } } }, @@ -156152,6 +156420,33 @@ } } }, + "aws-native:glue:CrawlerHudiTarget": { + "type": "object", + "properties": { + "connectionName": { + "type": "string", + "description": "The name of the connection to use to connect to the Hudi target." + }, + "exclusions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of global patterns used to exclude from the crawl." + }, + "maximumTraversalDepth": { + "type": "integer", + "description": "The maximum depth of Amazon S3 paths that the crawler can traverse to discover the Hudi metadata folder in your Amazon S3 path. Used to limit the crawler run time." + }, + "paths": { + "type": "array", + "items": { + "type": "string" + }, + "description": "One or more Amazon S3 paths that contains Hudi metadata folders as s3://bucket/prefix ." + } + } + }, "aws-native:glue:CrawlerIcebergTarget": { "type": "object", "properties": { @@ -156319,6 +156614,13 @@ }, "description": "Specifies Amazon DynamoDB targets." }, + "hudiTargets": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:glue:CrawlerHudiTarget" + }, + "description": "Specifies Apache Hudi data store targets." + }, "icebergTargets": { "type": "array", "items": { @@ -157728,6 +158030,9 @@ "type": "string", "description": "KMS Alias Arn." }, + "kmsAliasName": { + "type": "string" + }, "kmsKeyArn": { "type": "string", "description": "KMS Key Arn." @@ -224589,7 +224894,7 @@ "items": { "type": "string" }, - "description": "A container for the action of an Object Lambda Access Point configuration. Valid inputs are `GetObject` , `HeadObject` , `ListObjects` , and `ListObjectsV2` ." + "description": "A container for the action of an Object Lambda Access Point configuration. Valid inputs are `GetObject` , `HeadObject` , `ListObject` , and `ListObjectV2` ." }, "contentTransformation": { "$ref": "#/types/aws-native:s3objectlambda:AccessPointTransformationConfigurationContentTransformationProperties", @@ -236302,6 +236607,70 @@ } } }, + "aws-native:transfer:WebAppCustomization": { + "type": "object", + "properties": { + "faviconFile": { + "type": "string", + "description": "Specifies a favicon to display in the browser tab." + }, + "logoFile": { + "type": "string", + "description": "Specifies a logo to display on the web app." + }, + "title": { + "type": "string", + "description": "Specifies a title to display on the web app." + } + } + }, + "aws-native:transfer:WebAppIdentityProviderDetails": { + "type": "object", + "properties": { + "applicationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the IAM Identity Center application: this value is set automatically when you create your web app." + }, + "instanceArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the IAM Identity Center used for the web app.", + "replaceOnChanges": true + }, + "role": { + "type": "string", + "description": "The IAM role in IAM Identity Center used for the web app." + } + } + }, + "aws-native:transfer:WebAppTag": { + "type": "object", + "properties": { + "key": { + "type": "string", + "description": "The name assigned to the tag that you create." + }, + "value": { + "type": "string", + "description": "Contains one or more values that you assigned to the key name you create." + } + } + }, + "aws-native:transfer:WebAppUnits0Properties": { + "type": "object", + "properties": { + "provisioned": { + "type": "integer" + } + } + }, + "aws-native:transfer:WebAppUnitsProperties": { + "type": "object", + "properties": { + "provisioned": { + "type": "integer" + } + } + }, "aws-native:transfer:WorkflowEfsInputFileLocation": { "type": "object", "properties": { @@ -242954,7 +243323,8 @@ "aws-native:cognito:getUserPoolDomain": { "cf": "AWS::Cognito::UserPoolDomain", "ids": [ - "id" + "userPoolId", + "domain" ] }, "aws-native:cognito:getUserPoolGroup": { @@ -243059,6 +243429,12 @@ "contactFlowModuleArn" ] }, + "aws-native:connect:getContactFlowVersion": { + "cf": "AWS::Connect::ContactFlowVersion", + "ids": [ + "contactFlowVersionArn" + ] + }, "aws-native:connect:getEmailAddress": { "cf": "AWS::Connect::EmailAddress", "ids": [ @@ -248067,6 +248443,12 @@ "arn" ] }, + "aws-native:transfer:getWebApp": { + "cf": "AWS::Transfer::WebApp", + "ids": [ + "arn" + ] + }, "aws-native:transfer:getWorkflow": { "cf": "AWS::Transfer::Workflow", "ids": [ diff --git a/provider/cmd/pulumi-resource-aws-native/schema.json b/provider/cmd/pulumi-resource-aws-native/schema.json index a907007646..3fb9720ab9 100644 --- a/provider/cmd/pulumi-resource-aws-native/schema.json +++ b/provider/cmd/pulumi-resource-aws-native/schema.json @@ -23069,6 +23069,10 @@ "embeddingModelArn" ] }, + "aws-native:bedrock:PromptAdditionalModelRequestFields": { + "description": "Contains model-specific configurations", + "type": "object" + }, "aws-native:bedrock:PromptAgentResource": { "description": "Target Agent to invoke with Prompt", "properties": { @@ -23090,6 +23094,28 @@ "description": "Auto Tool choice", "type": "object" }, + "aws-native:bedrock:PromptCachePointBlock": { + "description": "CachePointBlock", + "properties": { + "type": { + "$ref": "#/types/aws-native:bedrock:PromptCachePointType" + } + }, + "type": "object", + "required": [ + "type" + ] + }, + "aws-native:bedrock:PromptCachePointType": { + "description": "CachePoint types for CachePointBlock", + "type": "string", + "enum": [ + { + "name": "Default", + "value": "default" + } + ] + }, "aws-native:bedrock:PromptChatPromptTemplateConfiguration": { "description": "Configuration for chat prompt template", "properties": { @@ -23110,7 +23136,14 @@ "system": { "type": "array", "items": { - "$ref": "#/types/aws-native:bedrock:PromptSystemContentBlockProperties" + "oneOf": [ + { + "$ref": "#/types/aws-native:bedrock:PromptSystemContentBlock0Properties" + }, + { + "$ref": "#/types/aws-native:bedrock:PromptSystemContentBlock1Properties" + } + ] }, "description": "Configuration for chat prompt template" }, @@ -23136,17 +23169,16 @@ "text" ] }, - "aws-native:bedrock:PromptContentBlockProperties": { + "aws-native:bedrock:PromptContentBlock1Properties": { "description": "Configuration for chat prompt template", "properties": { - "text": { - "type": "string", - "description": "Configuration for chat prompt template" + "cachePoint": { + "$ref": "#/types/aws-native:bedrock:PromptCachePointBlock" } }, "type": "object", "required": [ - "text" + "cachePoint" ] }, "aws-native:bedrock:PromptConversationRole": { @@ -23227,7 +23259,14 @@ "content": { "type": "array", "items": { - "$ref": "#/types/aws-native:bedrock:PromptContentBlockProperties" + "oneOf": [ + { + "$ref": "#/types/aws-native:bedrock:PromptContentBlock0Properties" + }, + { + "$ref": "#/types/aws-native:bedrock:PromptContentBlock1Properties" + } + ] }, "description": "List of Content Blocks" }, @@ -23292,17 +23331,16 @@ "text" ] }, - "aws-native:bedrock:PromptSystemContentBlockProperties": { + "aws-native:bedrock:PromptSystemContentBlock1Properties": { "description": "Configuration for chat prompt template", "properties": { - "text": { - "type": "string", - "description": "Configuration for chat prompt template" + "cachePoint": { + "$ref": "#/types/aws-native:bedrock:PromptCachePointBlock" } }, "type": "object", "required": [ - "text" + "cachePoint" ] }, "aws-native:bedrock:PromptTemplateConfiguration0Properties": { @@ -23346,6 +23384,9 @@ "aws-native:bedrock:PromptTextPromptTemplateConfiguration": { "description": "Configuration for text prompt template", "properties": { + "cachePoint": { + "$ref": "#/types/aws-native:bedrock:PromptCachePointBlock" + }, "inputVariables": { "type": "array", "items": { @@ -23397,6 +23438,18 @@ "toolSpec" ] }, + "aws-native:bedrock:PromptTool1Properties": { + "description": "Tool details", + "properties": { + "cachePoint": { + "$ref": "#/types/aws-native:bedrock:PromptCachePointBlock" + } + }, + "type": "object", + "required": [ + "cachePoint" + ] + }, "aws-native:bedrock:PromptToolChoice0Properties": { "description": "Tool choice", "properties": { @@ -23452,7 +23505,14 @@ "tools": { "type": "array", "items": { - "$ref": "#/types/aws-native:bedrock:PromptToolProperties" + "oneOf": [ + { + "$ref": "#/types/aws-native:bedrock:PromptTool0Properties" + }, + { + "$ref": "#/types/aws-native:bedrock:PromptTool1Properties" + } + ] }, "description": "List of Tools" } @@ -23486,18 +23546,6 @@ "json" ] }, - "aws-native:bedrock:PromptToolProperties": { - "description": "Tool details", - "properties": { - "toolSpec": { - "$ref": "#/types/aws-native:bedrock:PromptToolSpecification" - } - }, - "type": "object", - "required": [ - "toolSpec" - ] - }, "aws-native:bedrock:PromptToolSpecification": { "description": "Tool specification", "properties": { @@ -23521,6 +23569,10 @@ "aws-native:bedrock:PromptVariant": { "description": "Prompt variant", "properties": { + "additionalModelRequestFields": { + "$ref": "#/types/aws-native:bedrock:PromptAdditionalModelRequestFields", + "description": "Contains model-specific inference configurations that aren't in the `inferenceConfiguration` field. To see model-specific inference parameters, see [Inference request parameters and response fields for foundation models](https://docs.aws.amazon.com/bedrock/latest/userguide/model-parameters.html) ." + }, "genAiResource": { "$ref": "#/types/aws-native:bedrock:PromptGenAiResourceProperties", "description": "Specifies a generative AI resource with which to use the prompt." @@ -23560,6 +23612,10 @@ "templateType" ] }, + "aws-native:bedrock:PromptVersionAdditionalModelRequestFields": { + "description": "Contains model-specific configurations", + "type": "object" + }, "aws-native:bedrock:PromptVersionAnyToolChoice": { "description": "Any Tool choice", "type": "object" @@ -23568,6 +23624,28 @@ "description": "Auto Tool choice", "type": "object" }, + "aws-native:bedrock:PromptVersionCachePointBlock": { + "description": "CachePointBlock", + "properties": { + "type": { + "$ref": "#/types/aws-native:bedrock:PromptVersionCachePointType" + } + }, + "type": "object", + "required": [ + "type" + ] + }, + "aws-native:bedrock:PromptVersionCachePointType": { + "description": "CachePoint types for CachePointBlock", + "type": "string", + "enum": [ + { + "name": "Default", + "value": "default" + } + ] + }, "aws-native:bedrock:PromptVersionChatPromptTemplateConfiguration": { "description": "Configuration for chat prompt template", "properties": { @@ -23588,7 +23666,14 @@ "system": { "type": "array", "items": { - "$ref": "#/types/aws-native:bedrock:PromptVersionSystemContentBlockProperties" + "oneOf": [ + { + "$ref": "#/types/aws-native:bedrock:PromptVersionSystemContentBlock0Properties" + }, + { + "$ref": "#/types/aws-native:bedrock:PromptVersionSystemContentBlock1Properties" + } + ] }, "description": "Configuration for chat prompt template" }, @@ -23614,17 +23699,16 @@ "text" ] }, - "aws-native:bedrock:PromptVersionContentBlockProperties": { + "aws-native:bedrock:PromptVersionContentBlock1Properties": { "description": "Configuration for chat prompt template", "properties": { - "text": { - "type": "string", - "description": "Configuration for chat prompt template" + "cachePoint": { + "$ref": "#/types/aws-native:bedrock:PromptVersionCachePointBlock" } }, "type": "object", "required": [ - "text" + "cachePoint" ] }, "aws-native:bedrock:PromptVersionConversationRole": { @@ -23647,7 +23731,14 @@ "content": { "type": "array", "items": { - "$ref": "#/types/aws-native:bedrock:PromptVersionContentBlockProperties" + "oneOf": [ + { + "$ref": "#/types/aws-native:bedrock:PromptVersionContentBlock0Properties" + }, + { + "$ref": "#/types/aws-native:bedrock:PromptVersionContentBlock1Properties" + } + ] }, "description": "List of Content Blocks" }, @@ -23798,6 +23889,10 @@ "aws-native:bedrock:PromptVersionPromptVariant": { "description": "Prompt variant", "properties": { + "additionalModelRequestFields": { + "$ref": "#/types/aws-native:bedrock:PromptVersionAdditionalModelRequestFields", + "description": "Contains model-specific inference configurations that aren't in the `inferenceConfiguration` field. To see model-specific inference parameters, see [Inference request parameters and response fields for foundation models](https://docs.aws.amazon.com/bedrock/latest/userguide/model-parameters.html) ." + }, "genAiResource": { "$ref": "#/types/aws-native:bedrock:PromptVersionPromptGenAiResourceProperties", "description": "Specifies a generative AI resource with which to use the prompt." @@ -23863,22 +23958,24 @@ "text" ] }, - "aws-native:bedrock:PromptVersionSystemContentBlockProperties": { + "aws-native:bedrock:PromptVersionSystemContentBlock1Properties": { "description": "Configuration for chat prompt template", "properties": { - "text": { - "type": "string", - "description": "Configuration for chat prompt template" + "cachePoint": { + "$ref": "#/types/aws-native:bedrock:PromptVersionCachePointBlock" } }, "type": "object", "required": [ - "text" + "cachePoint" ] }, "aws-native:bedrock:PromptVersionTextPromptTemplateConfiguration": { "description": "Configuration for text prompt template", "properties": { + "cachePoint": { + "$ref": "#/types/aws-native:bedrock:PromptVersionCachePointBlock" + }, "inputVariables": { "type": "array", "items": { @@ -23908,6 +24005,18 @@ "toolSpec" ] }, + "aws-native:bedrock:PromptVersionTool1Properties": { + "description": "Tool details", + "properties": { + "cachePoint": { + "$ref": "#/types/aws-native:bedrock:PromptVersionCachePointBlock" + } + }, + "type": "object", + "required": [ + "cachePoint" + ] + }, "aws-native:bedrock:PromptVersionToolChoice0Properties": { "description": "Tool choice", "properties": { @@ -23963,7 +24072,14 @@ "tools": { "type": "array", "items": { - "$ref": "#/types/aws-native:bedrock:PromptVersionToolProperties" + "oneOf": [ + { + "$ref": "#/types/aws-native:bedrock:PromptVersionTool0Properties" + }, + { + "$ref": "#/types/aws-native:bedrock:PromptVersionTool1Properties" + } + ] }, "description": "List of Tools" } @@ -23997,18 +24113,6 @@ "json" ] }, - "aws-native:bedrock:PromptVersionToolProperties": { - "description": "Tool details", - "properties": { - "toolSpec": { - "$ref": "#/types/aws-native:bedrock:PromptVersionToolSpecification" - } - }, - "type": "object", - "required": [ - "toolSpec" - ] - }, "aws-native:bedrock:PromptVersionToolSpecification": { "description": "Tool specification", "properties": { @@ -41674,6 +41778,20 @@ "bucketAccessRoleArn" ] }, + "aws-native:datasync:LocationSmbAuthenticationType": { + "description": "The authentication mode used to determine identity of user.", + "type": "string", + "enum": [ + { + "name": "Ntlm", + "value": "NTLM" + }, + { + "name": "Kerberos", + "value": "KERBEROS" + } + ] + }, "aws-native:datasync:LocationSmbMountOptions": { "description": "The mount options used by DataSync to access the SMB server.", "properties": { @@ -53476,7 +53594,7 @@ "type": "object" }, "aws-native:ecs:ClusterSettings": { - "description": "The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights for a cluster.", + "description": "The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights with enhanced observability or CloudWatch Container Insights for a cluster.\n Container Insights with enhanced observability provides all the Container Insights metrics, plus additional task and container metrics. This version supports enhanced observability for Amazon ECS clusters using the Amazon EC2 and Fargate launch types. After you configure Container Insights with enhanced observability on Amazon ECS, Container Insights auto-collects detailed infrastructure telemetry from the cluster level down to the container level in your environment and displays these critical performance data in curated dashboards removing the heavy lifting in observability set-up. \n For more information, see [Monitor Amazon ECS containers using Container Insights with enhanced observability](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cloudwatch-container-insights.html) in the *Amazon Elastic Container Service Developer Guide*.", "properties": { "name": { "type": "string", @@ -53484,7 +53602,7 @@ }, "value": { "type": "string", - "description": "The value to set for the cluster setting. The supported values are ``enabled`` and ``disabled``. \n If you set ``name`` to ``containerInsights`` and ``value`` to ``enabled``, CloudWatch Container Insights will be on for the cluster, otherwise it will be off unless the ``containerInsights`` account setting is turned on. If a cluster value is specified, it will override the ``containerInsights`` value set with [PutAccountSetting](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSetting.html) or [PutAccountSettingDefault](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSettingDefault.html)." + "description": "The value to set for the cluster setting. The supported values are ``enhanced``, ``enabled``, and ``disabled``. \n To use Container Insights with enhanced observability, set the ``containerInsights`` account setting to ``enhanced``.\n To use Container Insights, set the ``containerInsights`` account setting to ``enabled``.\n If a cluster value is specified, it will override the ``containerInsights`` value set with [PutAccountSetting](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSetting.html) or [PutAccountSettingDefault](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSettingDefault.html)." } }, "type": "object" @@ -60961,7 +61079,7 @@ }, "type": { "$ref": "#/types/aws-native:fms:PolicyType", - "description": "The service that the policy is using to protect the resources. This specifies the type of policy that is created, either an AWS WAF policy, a Shield Advanced policy, or a security group policy. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting AWS Support ." + "description": "The service that the policy is using to protect the resources. This specifies the type of policy that is created, either an AWS WAF policy, a Shield Advanced policy, or a security group policy. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting SUPlong ." } }, "type": "object", @@ -64386,6 +64504,34 @@ }, "type": "object" }, + "aws-native:glue:CrawlerHudiTarget": { + "description": "Specifies Apache Hudi data store targets.", + "properties": { + "connectionName": { + "type": "string", + "description": "The name of the connection to use to connect to the Hudi target." + }, + "exclusions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "A list of global patterns used to exclude from the crawl." + }, + "maximumTraversalDepth": { + "type": "integer", + "description": "The maximum depth of Amazon S3 paths that the crawler can traverse to discover the Hudi metadata folder in your Amazon S3 path. Used to limit the crawler run time." + }, + "paths": { + "type": "array", + "items": { + "type": "string" + }, + "description": "One or more Amazon S3 paths that contains Hudi metadata folders as s3://bucket/prefix ." + } + }, + "type": "object" + }, "aws-native:glue:CrawlerIcebergTarget": { "description": "Specifies Apache Iceberg data store targets.", "properties": { @@ -64561,6 +64707,13 @@ }, "description": "Specifies Amazon DynamoDB targets." }, + "hudiTargets": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:glue:CrawlerHudiTarget" + }, + "description": "Specifies Apache Hudi data store targets." + }, "icebergTargets": { "type": "array", "items": { @@ -66432,6 +66585,9 @@ "type": "string", "description": "KMS Alias Arn." }, + "kmsAliasName": { + "type": "string" + }, "kmsKeyArn": { "type": "string", "description": "KMS Key Arn." @@ -157335,7 +157491,7 @@ "items": { "type": "string" }, - "description": "A container for the action of an Object Lambda Access Point configuration. Valid inputs are `GetObject` , `HeadObject` , `ListObjects` , and `ListObjectsV2` ." + "description": "A container for the action of an Object Lambda Access Point configuration. Valid inputs are `GetObject` , `HeadObject` , `ListObject` , and `ListObjectV2` ." }, "contentTransformation": { "$ref": "#/types/aws-native:s3objectlambda:AccessPointTransformationConfigurationContentTransformationProperties", @@ -175498,6 +175654,84 @@ "value" ] }, + "aws-native:transfer:WebAppCustomization": { + "properties": { + "faviconFile": { + "type": "string", + "description": "Specifies a favicon to display in the browser tab." + }, + "logoFile": { + "type": "string", + "description": "Specifies a logo to display on the web app." + }, + "title": { + "type": "string", + "description": "Specifies a title to display on the web app." + } + }, + "type": "object" + }, + "aws-native:transfer:WebAppIdentityProviderDetails": { + "description": "You can provide a structure that contains the details for the identity provider to use with your web app.", + "properties": { + "applicationArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the IAM Identity Center application: this value is set automatically when you create your web app." + }, + "instanceArn": { + "type": "string", + "description": "The Amazon Resource Name (ARN) for the IAM Identity Center used for the web app.", + "replaceOnChanges": true + }, + "role": { + "type": "string", + "description": "The IAM role in IAM Identity Center used for the web app." + } + }, + "type": "object" + }, + "aws-native:transfer:WebAppTag": { + "description": "Key-value pair that can be used to group and search for web apps.", + "properties": { + "key": { + "type": "string", + "description": "The name assigned to the tag that you create." + }, + "value": { + "type": "string", + "description": "Contains one or more values that you assigned to the key name you create." + } + }, + "type": "object", + "required": [ + "key", + "value" + ] + }, + "aws-native:transfer:WebAppUnits0Properties": { + "description": "A union that contains the value for number of concurrent connections or the user sessions on your web app.", + "properties": { + "provisioned": { + "type": "integer" + } + }, + "type": "object", + "required": [ + "provisioned" + ] + }, + "aws-native:transfer:WebAppUnitsProperties": { + "description": "A union that contains the value for number of concurrent connections or the user sessions on your web app.", + "properties": { + "provisioned": { + "type": "integer" + } + }, + "type": "object", + "required": [ + "provisioned" + ] + }, "aws-native:transfer:WorkflowEfsInputFileLocation": { "description": "Specifies the details for an EFS file.", "properties": { @@ -195011,7 +195245,7 @@ }, "agentAliasStatus": { "$ref": "#/types/aws-native:bedrock:AgentAliasStatus", - "description": "The status of the alias of the agent and whether it is ready for use. The following statuses are possible:\n\n- CREATING – The agent alias is being created.\n- PREPARED – The agent alias is finished being created or updated and is ready to be invoked.\n- FAILED – The agent alias API operation failed.\n- UPDATING – The agent alias is being updated.\n- DELETING – The agent alias is being deleted." + "description": "The status of the alias of the agent and whether it is ready for use. The following statuses are possible:\n\n- CREATING – The agent alias is being created.\n- PREPARED – The agent alias is finished being created or updated and is ready to be invoked.\n- FAILED – The agent alias API operation failed.\n- UPDATING – The agent alias is being updated.\n- DELETING – The agent alias is being deleted.\n- DISSOCIATED - The agent alias has no version associated with it." }, "agentId": { "type": "string", @@ -203299,10 +203533,6 @@ "aws-native:cognito:UserPoolDomain": { "description": "Resource Type definition for AWS::Cognito::UserPoolDomain", "properties": { - "awsId": { - "type": "string", - "description": "The resource ID." - }, "cloudFrontDistribution": { "type": "string", "description": "The Amazon CloudFront endpoint that you use as the target of the alias that you set up with your Domain Name Service (DNS) provider." @@ -203328,7 +203558,6 @@ }, "type": "object", "required": [ - "awsId", "cloudFrontDistribution", "domain", "userPoolId" @@ -204774,6 +205003,53 @@ "instanceArn" ] }, + "aws-native:connect:ContactFlowVersion": { + "description": "Resource Type Definition for ContactFlowVersion", + "properties": { + "contactFlowId": { + "type": "string", + "description": "The ARN of the contact flow this version is tied to.", + "replaceOnChanges": true + }, + "contactFlowVersionArn": { + "type": "string", + "description": "The identifier of the contact flow version (ARN)." + }, + "description": { + "type": "string", + "description": "The description of the version.", + "replaceOnChanges": true + }, + "flowContentSha256": { + "type": "string", + "description": "Indicates the checksum value of the latest published flow content" + }, + "version": { + "type": "integer", + "description": "The version number of this revision" + } + }, + "type": "object", + "required": [ + "contactFlowId", + "contactFlowVersionArn", + "flowContentSha256", + "version" + ], + "inputProperties": { + "contactFlowId": { + "type": "string", + "description": "The ARN of the contact flow this version is tied to." + }, + "description": { + "type": "string", + "description": "The description of the version." + } + }, + "requiredInputs": [ + "contactFlowId" + ] + }, "aws-native:connect:EmailAddress": { "description": "Resource Type definition for AWS::Connect::EmailAddress", "properties": { @@ -209399,10 +209675,33 @@ }, "description": "The Amazon Resource Names (ARNs) of agents to use for a Simple Message Block (SMB) location." }, + "authenticationType": { + "$ref": "#/types/aws-native:datasync:LocationSmbAuthenticationType", + "description": "The authentication mode used to determine identity of user." + }, + "dnsIpAddresses": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Specifies the IPv4 addresses for the DNS servers that your SMB file server belongs to. This parameter applies only if AuthenticationType is set to KERBEROS. If you have multiple domains in your environment, configuring this parameter makes sure that DataSync connects to the right SMB file server." + }, "domain": { "type": "string", "description": "The name of the Windows domain that the SMB server belongs to." }, + "kerberosKeytab": { + "type": "string", + "description": "The Base64 string representation of the Keytab file. Specifies your Kerberos key table (keytab) file, which includes mappings between your service principal name (SPN) and encryption keys. To avoid task execution errors, make sure that the SPN in the keytab file matches exactly what you specify for KerberosPrincipal and in your krb5.conf file." + }, + "kerberosKrb5Conf": { + "type": "string", + "description": "The string representation of the Krb5Conf file, or the presigned URL to access the Krb5.conf file within an S3 bucket. Specifies a Kerberos configuration file (krb5.conf) that defines your Kerberos realm configuration. To avoid task execution errors, make sure that the service principal name (SPN) in the krb5.conf file matches exactly what you specify for KerberosPrincipal and in your keytab file." + }, + "kerberosPrincipal": { + "type": "string", + "description": "Specifies a service principal name (SPN), which is an identity in your Kerberos realm that has permission to access the files, folders, and file metadata in your SMB file server. SPNs are case sensitive and must include a prepended cifs/. For example, an SPN might look like cifs/kerberosuser@EXAMPLE.COM. Your task execution will fail if the SPN that you provide for this parameter doesn't match exactly what's in your keytab or krb5.conf files." + }, "locationArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the SMB location that is created." @@ -209421,8 +209720,7 @@ }, "serverHostname": { "type": "string", - "description": "The name of the SMB server. This value is the IP address or Domain Name Service (DNS) name of the SMB server.", - "replaceOnChanges": true + "description": "The name of the SMB server. This value is the IP address or Domain Name Service (DNS) name of the SMB server." }, "subdirectory": { "type": "string", @@ -209444,8 +209742,7 @@ "required": [ "agentArns", "locationArn", - "locationUri", - "user" + "locationUri" ], "inputProperties": { "agentArns": { @@ -209455,10 +209752,33 @@ }, "description": "The Amazon Resource Names (ARNs) of agents to use for a Simple Message Block (SMB) location." }, + "authenticationType": { + "$ref": "#/types/aws-native:datasync:LocationSmbAuthenticationType", + "description": "The authentication mode used to determine identity of user." + }, + "dnsIpAddresses": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Specifies the IPv4 addresses for the DNS servers that your SMB file server belongs to. This parameter applies only if AuthenticationType is set to KERBEROS. If you have multiple domains in your environment, configuring this parameter makes sure that DataSync connects to the right SMB file server." + }, "domain": { "type": "string", "description": "The name of the Windows domain that the SMB server belongs to." }, + "kerberosKeytab": { + "type": "string", + "description": "The Base64 string representation of the Keytab file. Specifies your Kerberos key table (keytab) file, which includes mappings between your service principal name (SPN) and encryption keys. To avoid task execution errors, make sure that the SPN in the keytab file matches exactly what you specify for KerberosPrincipal and in your krb5.conf file." + }, + "kerberosKrb5Conf": { + "type": "string", + "description": "The string representation of the Krb5Conf file, or the presigned URL to access the Krb5.conf file within an S3 bucket. Specifies a Kerberos configuration file (krb5.conf) that defines your Kerberos realm configuration. To avoid task execution errors, make sure that the service principal name (SPN) in the krb5.conf file matches exactly what you specify for KerberosPrincipal and in your keytab file." + }, + "kerberosPrincipal": { + "type": "string", + "description": "Specifies a service principal name (SPN), which is an identity in your Kerberos realm that has permission to access the files, folders, and file metadata in your SMB file server. SPNs are case sensitive and must include a prepended cifs/. For example, an SPN might look like cifs/kerberosuser@EXAMPLE.COM. Your task execution will fail if the SPN that you provide for this parameter doesn't match exactly what's in your keytab or krb5.conf files." + }, "mountOptions": { "$ref": "#/types/aws-native:datasync:LocationSmbMountOptions", "description": "Specifies the version of the SMB protocol that DataSync uses to access your SMB file server." @@ -209488,8 +209808,7 @@ } }, "requiredInputs": [ - "agentArns", - "user" + "agentArns" ] }, "aws-native:datasync:StorageSystem": { @@ -221491,7 +221810,7 @@ "items": { "$ref": "#/types/aws-native:ecs:ClusterSettings" }, - "description": "The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights for a cluster." + "description": "The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights with enhanced observability or CloudWatch Container Insights for a cluster.\n Container Insights with enhanced observability provides all the Container Insights metrics, plus additional task and container metrics. This version supports enhanced observability for Amazon ECS clusters using the Amazon EC2 and Fargate launch types. After you configure Container Insights with enhanced observability on Amazon ECS, Container Insights auto-collects detailed infrastructure telemetry from the cluster level down to the container level in your environment and displays these critical performance data in curated dashboards removing the heavy lifting in observability set-up. \n For more information, see [Monitor Amazon ECS containers using Container Insights with enhanced observability](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cloudwatch-container-insights.html) in the *Amazon Elastic Container Service Developer Guide*." }, "configuration": { "$ref": "#/types/aws-native:ecs:ClusterConfiguration", @@ -221537,7 +221856,7 @@ "items": { "$ref": "#/types/aws-native:ecs:ClusterSettings" }, - "description": "The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights for a cluster." + "description": "The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights with enhanced observability or CloudWatch Container Insights for a cluster.\n Container Insights with enhanced observability provides all the Container Insights metrics, plus additional task and container metrics. This version supports enhanced observability for Amazon ECS clusters using the Amazon EC2 and Fargate launch types. After you configure Container Insights with enhanced observability on Amazon ECS, Container Insights auto-collects detailed infrastructure telemetry from the cluster level down to the container level in your environment and displays these critical performance data in curated dashboards removing the heavy lifting in observability set-up. \n For more information, see [Monitor Amazon ECS containers using Container Insights with enhanced observability](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cloudwatch-container-insights.html) in the *Amazon Elastic Container Service Developer Guide*." }, "configuration": { "$ref": "#/types/aws-native:ecs:ClusterConfiguration", @@ -222551,7 +222870,7 @@ "items": { "type": "string" }, - "description": "Up to five VPC security group IDs, of the form ``sg-xxxxxxxx``. These must be for the same VPC as subnet specified." + "description": "VPC security group IDs, of the form ``sg-xxxxxxxx``. These must be for the same VPC as the subnet specified. The maximum number of security groups depends on account quota. For more information, see [Amazon VPC Quotas](https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html) in the *Amazon VPC User Guide* (see the *Security Groups* table)." }, "subnetId": { "type": "string", @@ -222580,7 +222899,7 @@ "items": { "type": "string" }, - "description": "Up to five VPC security group IDs, of the form ``sg-xxxxxxxx``. These must be for the same VPC as subnet specified." + "description": "VPC security group IDs, of the form ``sg-xxxxxxxx``. These must be for the same VPC as the subnet specified. The maximum number of security groups depends on account quota. For more information, see [Amazon VPC Quotas](https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html) in the *Amazon VPC User Guide* (see the *Security Groups* table)." }, "subnetId": { "type": "string", @@ -225397,6 +225716,10 @@ "description": "Name of the virtual cluster.", "replaceOnChanges": true }, + "securityConfigurationId": { + "type": "string", + "description": "The ID of the security configuration." + }, "tags": { "type": "array", "items": { @@ -225421,6 +225744,10 @@ "type": "string", "description": "Name of the virtual cluster." }, + "securityConfigurationId": { + "type": "string", + "description": "The ID of the security configuration." + }, "tags": { "type": "array", "items": { @@ -227699,7 +228026,7 @@ }, "securityServicePolicyData": { "$ref": "#/types/aws-native:fms:PolicySecurityServicePolicyData", - "description": "Details about the security service that is being used to protect the resources.\n\nThis contains the following settings:\n\n- Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting AWS Support .\n\nValid values: `DNS_FIREWALL` | `NETWORK_FIREWALL` | `SECURITY_GROUPS_COMMON` | `SECURITY_GROUPS_CONTENT_AUDIT` | `SECURITY_GROUPS_USAGE_AUDIT` | `SHIELD_ADVANCED` | `THIRD_PARTY_FIREWALL` | `WAFV2` | `WAF`\n- ManagedServiceData - Details about the service that are specific to the service type, in JSON format.\n\n- Example: `DNS_FIREWALL`\n\n`\"{\\\"type\\\":\\\"DNS_FIREWALL\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-1\\\",\\\"priority\\\":10}],\\\"postProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-2\\\",\\\"priority\\\":9911}]}\"`\n\n\u003e Valid values for `preProcessRuleGroups` are between 1 and 99. Valid values for `postProcessRuleGroups` are between 9901 and 10000.\n- Example: `NETWORK_FIREWALL` - Centralized deployment model\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"awsNetworkFirewallConfig\\\":{\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}},\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"OFF\\\"},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nWith automatic Availbility Zone configuration, Firewall Manager chooses which Availability Zones to create the endpoints in. To use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"]},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\": \\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\", \\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{ \\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[ \\\"10.0.0.0/28\\\"]}]} },\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"OFF\\\",\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nWith custom Availability Zone configuration, you define which specific Availability Zones to create endpoints in by configuring `firewallCreationConfig` . To configure the Availability Zones in `firewallCreationConfig` , specify either the `availabilityZoneName` or `availabilityZoneId` parameter, not both parameters.\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"],\\\"routeManagementConfig\\\":{\\\"allowCrossAZTrafficIfNoEndpoint\\\":true}},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall centralized deployment model\n\n`\"{ \\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\", \\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\", \\\"thirdPartyFirewallConfig\\\":{ \\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `CENTRALIZED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall distributed deployment model\n\n`\"{\\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\",\\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\",\\\"thirdPartyFirewallConfig\\\":{\\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{ \\\"distributedFirewallDeploymentModel\\\":{ \\\"distributedFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{ \\\"availabilityZoneConfigList\\\":[ {\\\"availabilityZoneName\\\":\\\"${AvailabilityZone}\\\" } ] } }, \\\"allowedIPV4CidrList\\\":[ ] } } } }\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `DISTRIBUTED` .\n- Specification for `SHIELD_ADVANCED` for Amazon CloudFront distributions\n\n`\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED|IGNORED|DISABLED\\\", \\\"automaticResponseAction\\\":\\\"BLOCK|COUNT\\\"}, \\\"overrideCustomerWebaclClassic\\\":true|false}\"`\n\nFor example: `\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED\\\", \\\"automaticResponseAction\\\":\\\"COUNT\\\"}}\"`\n\nThe default value for `automaticResponseStatus` is `IGNORED` . The value for `automaticResponseAction` is only required when `automaticResponseStatus` is set to `ENABLED` . The default value for `overrideCustomerWebaclClassic` is `false` .\n\nFor other resource types that you can protect with a Shield Advanced policy, this `ManagedServiceData` configuration is an empty string.\n- Example: `WAFV2`\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"version\\\":null,\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesAmazonIpReputationList\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nIn the `loggingConfiguration` , you can specify one `logDestinationConfigs` , you can optionally provide up to 20 `redactedFields` , and the `RedactedFieldType` must be one of `URI` , `QUERY_STRING` , `HEADER` , or `METHOD` .\n- Example: `AWS WAF Classic`\n\n`\"{\\\"type\\\": \\\"WAF\\\", \\\"ruleGroups\\\": [{\\\"id\\\":\\\"12345678-1bcd-9012-efga-0987654321ab\\\", \\\"overrideAction\\\" : {\\\"type\\\": \\\"COUNT\\\"}}], \\\"defaultAction\\\": {\\\"type\\\": \\\"BLOCK\\\"}}\"`\n- Example: `WAFV2` - AWS Firewall Manager support for AWS WAF managed rule group versioning\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"versionEnabled\\\":true,\\\"version\\\":\\\"Version_2.0\\\",\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesCommonRuleSet\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nTo use a specific version of a AWS WAF managed rule group in your Firewall Manager policy, you must set `versionEnabled` to `true` , and set `version` to the version you'd like to use. If you don't set `versionEnabled` to `true` , or if you omit `versionEnabled` , then Firewall Manager uses the default version of the AWS WAF managed rule group.\n- Example: `SECURITY_GROUPS_COMMON`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: Shared VPCs. Apply the preceding policy to resources in shared VPCs as well as to those in VPCs that the account owns\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"includeSharedVPC\\\":true,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: `SECURITY_GROUPS_CONTENT_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_CONTENT_AUDIT\\\",\\\"securityGroups\\\":[{\\\"id\\\":\\\"sg-000e55995d61a06bd\\\"}],\\\"securityGroupAction\\\":{\\\"type\\\":\\\"ALLOW\\\"}}\"`\n\nThe security group action for content audit can be `ALLOW` or `DENY` . For `ALLOW` , all in-scope security group rules must be within the allowed range of the policy's security group rules. For `DENY` , all in-scope security group rules must not contain a value or a range that matches a rule value or range in the policy security group.\n- Example: `SECURITY_GROUPS_USAGE_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_USAGE_AUDIT\\\",\\\"deleteUnusedSecurityGroups\\\":true,\\\"coalesceRedundantSecurityGroups\\\":true}\"`" + "description": "Details about the security service that is being used to protect the resources.\n\nThis contains the following settings:\n\n- Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting .\n\nValid values: `DNS_FIREWALL` | `NETWORK_FIREWALL` | `SECURITY_GROUPS_COMMON` | `SECURITY_GROUPS_CONTENT_AUDIT` | `SECURITY_GROUPS_USAGE_AUDIT` | `SHIELD_ADVANCED` | `THIRD_PARTY_FIREWALL` | `WAFV2` | `WAF`\n- ManagedServiceData - Details about the service that are specific to the service type, in JSON format.\n\n- Example: `DNS_FIREWALL`\n\n`\"{\\\"type\\\":\\\"DNS_FIREWALL\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-1\\\",\\\"priority\\\":10}],\\\"postProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-2\\\",\\\"priority\\\":9911}]}\"`\n\n\u003e Valid values for `preProcessRuleGroups` are between 1 and 99. Valid values for `postProcessRuleGroups` are between 9901 and 10000.\n- Example: `NETWORK_FIREWALL` - Centralized deployment model\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"awsNetworkFirewallConfig\\\":{\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}},\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"OFF\\\"},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nWith automatic Availbility Zone configuration, Firewall Manager chooses which Availability Zones to create the endpoints in. To use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"]},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\": \\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\", \\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{ \\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[ \\\"10.0.0.0/28\\\"]}]} },\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"OFF\\\",\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nWith custom Availability Zone configuration, you define which specific Availability Zones to create endpoints in by configuring `firewallCreationConfig` . To configure the Availability Zones in `firewallCreationConfig` , specify either the `availabilityZoneName` or `availabilityZoneId` parameter, not both parameters.\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"],\\\"routeManagementConfig\\\":{\\\"allowCrossAZTrafficIfNoEndpoint\\\":true}},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall centralized deployment model\n\n`\"{ \\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\", \\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\", \\\"thirdPartyFirewallConfig\\\":{ \\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `CENTRALIZED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall distributed deployment model\n\n`\"{\\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\",\\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\",\\\"thirdPartyFirewallConfig\\\":{\\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{ \\\"distributedFirewallDeploymentModel\\\":{ \\\"distributedFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{ \\\"availabilityZoneConfigList\\\":[ {\\\"availabilityZoneName\\\":\\\"${AvailabilityZone}\\\" } ] } }, \\\"allowedIPV4CidrList\\\":[ ] } } } }\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `DISTRIBUTED` .\n- Specification for `SHIELD_ADVANCED` for Amazon CloudFront distributions\n\n`\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED|IGNORED|DISABLED\\\", \\\"automaticResponseAction\\\":\\\"BLOCK|COUNT\\\"}, \\\"overrideCustomerWebaclClassic\\\":true|false}\"`\n\nFor example: `\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED\\\", \\\"automaticResponseAction\\\":\\\"COUNT\\\"}}\"`\n\nThe default value for `automaticResponseStatus` is `IGNORED` . The value for `automaticResponseAction` is only required when `automaticResponseStatus` is set to `ENABLED` . The default value for `overrideCustomerWebaclClassic` is `false` .\n\nFor other resource types that you can protect with a Shield Advanced policy, this `ManagedServiceData` configuration is an empty string.\n- Example: `WAFV2`\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"version\\\":null,\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesAmazonIpReputationList\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nIn the `loggingConfiguration` , you can specify one `logDestinationConfigs` , you can optionally provide up to 20 `redactedFields` , and the `RedactedFieldType` must be one of `URI` , `QUERY_STRING` , `HEADER` , or `METHOD` .\n- Example: `AWS WAF Classic`\n\n`\"{\\\"type\\\": \\\"WAF\\\", \\\"ruleGroups\\\": [{\\\"id\\\":\\\"12345678-1bcd-9012-efga-0987654321ab\\\", \\\"overrideAction\\\" : {\\\"type\\\": \\\"COUNT\\\"}}], \\\"defaultAction\\\": {\\\"type\\\": \\\"BLOCK\\\"}}\"`\n- Example: `WAFV2` - AWS Firewall Manager support for AWS WAF managed rule group versioning\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"versionEnabled\\\":true,\\\"version\\\":\\\"Version_2.0\\\",\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesCommonRuleSet\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nTo use a specific version of a AWS WAF managed rule group in your Firewall Manager policy, you must set `versionEnabled` to `true` , and set `version` to the version you'd like to use. If you don't set `versionEnabled` to `true` , or if you omit `versionEnabled` , then Firewall Manager uses the default version of the AWS WAF managed rule group.\n- Example: `SECURITY_GROUPS_COMMON`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: Shared VPCs. Apply the preceding policy to resources in shared VPCs as well as to those in VPCs that the account owns\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"includeSharedVPC\\\":true,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: `SECURITY_GROUPS_CONTENT_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_CONTENT_AUDIT\\\",\\\"securityGroups\\\":[{\\\"id\\\":\\\"sg-000e55995d61a06bd\\\"}],\\\"securityGroupAction\\\":{\\\"type\\\":\\\"ALLOW\\\"}}\"`\n\nThe security group action for content audit can be `ALLOW` or `DENY` . For `ALLOW` , all in-scope security group rules must be within the allowed range of the policy's security group rules. For `DENY` , all in-scope security group rules must not contain a value or a range that matches a rule value or range in the policy security group.\n- Example: `SECURITY_GROUPS_USAGE_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_USAGE_AUDIT\\\",\\\"deleteUnusedSecurityGroups\\\":true,\\\"coalesceRedundantSecurityGroups\\\":true}\"`" }, "tags": { "type": "array", @@ -227782,7 +228109,7 @@ }, "securityServicePolicyData": { "$ref": "#/types/aws-native:fms:PolicySecurityServicePolicyData", - "description": "Details about the security service that is being used to protect the resources.\n\nThis contains the following settings:\n\n- Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting AWS Support .\n\nValid values: `DNS_FIREWALL` | `NETWORK_FIREWALL` | `SECURITY_GROUPS_COMMON` | `SECURITY_GROUPS_CONTENT_AUDIT` | `SECURITY_GROUPS_USAGE_AUDIT` | `SHIELD_ADVANCED` | `THIRD_PARTY_FIREWALL` | `WAFV2` | `WAF`\n- ManagedServiceData - Details about the service that are specific to the service type, in JSON format.\n\n- Example: `DNS_FIREWALL`\n\n`\"{\\\"type\\\":\\\"DNS_FIREWALL\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-1\\\",\\\"priority\\\":10}],\\\"postProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-2\\\",\\\"priority\\\":9911}]}\"`\n\n\u003e Valid values for `preProcessRuleGroups` are between 1 and 99. Valid values for `postProcessRuleGroups` are between 9901 and 10000.\n- Example: `NETWORK_FIREWALL` - Centralized deployment model\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"awsNetworkFirewallConfig\\\":{\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}},\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"OFF\\\"},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nWith automatic Availbility Zone configuration, Firewall Manager chooses which Availability Zones to create the endpoints in. To use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"]},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\": \\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\", \\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{ \\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[ \\\"10.0.0.0/28\\\"]}]} },\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"OFF\\\",\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nWith custom Availability Zone configuration, you define which specific Availability Zones to create endpoints in by configuring `firewallCreationConfig` . To configure the Availability Zones in `firewallCreationConfig` , specify either the `availabilityZoneName` or `availabilityZoneId` parameter, not both parameters.\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"],\\\"routeManagementConfig\\\":{\\\"allowCrossAZTrafficIfNoEndpoint\\\":true}},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall centralized deployment model\n\n`\"{ \\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\", \\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\", \\\"thirdPartyFirewallConfig\\\":{ \\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `CENTRALIZED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall distributed deployment model\n\n`\"{\\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\",\\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\",\\\"thirdPartyFirewallConfig\\\":{\\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{ \\\"distributedFirewallDeploymentModel\\\":{ \\\"distributedFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{ \\\"availabilityZoneConfigList\\\":[ {\\\"availabilityZoneName\\\":\\\"${AvailabilityZone}\\\" } ] } }, \\\"allowedIPV4CidrList\\\":[ ] } } } }\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `DISTRIBUTED` .\n- Specification for `SHIELD_ADVANCED` for Amazon CloudFront distributions\n\n`\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED|IGNORED|DISABLED\\\", \\\"automaticResponseAction\\\":\\\"BLOCK|COUNT\\\"}, \\\"overrideCustomerWebaclClassic\\\":true|false}\"`\n\nFor example: `\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED\\\", \\\"automaticResponseAction\\\":\\\"COUNT\\\"}}\"`\n\nThe default value for `automaticResponseStatus` is `IGNORED` . The value for `automaticResponseAction` is only required when `automaticResponseStatus` is set to `ENABLED` . The default value for `overrideCustomerWebaclClassic` is `false` .\n\nFor other resource types that you can protect with a Shield Advanced policy, this `ManagedServiceData` configuration is an empty string.\n- Example: `WAFV2`\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"version\\\":null,\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesAmazonIpReputationList\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nIn the `loggingConfiguration` , you can specify one `logDestinationConfigs` , you can optionally provide up to 20 `redactedFields` , and the `RedactedFieldType` must be one of `URI` , `QUERY_STRING` , `HEADER` , or `METHOD` .\n- Example: `AWS WAF Classic`\n\n`\"{\\\"type\\\": \\\"WAF\\\", \\\"ruleGroups\\\": [{\\\"id\\\":\\\"12345678-1bcd-9012-efga-0987654321ab\\\", \\\"overrideAction\\\" : {\\\"type\\\": \\\"COUNT\\\"}}], \\\"defaultAction\\\": {\\\"type\\\": \\\"BLOCK\\\"}}\"`\n- Example: `WAFV2` - AWS Firewall Manager support for AWS WAF managed rule group versioning\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"versionEnabled\\\":true,\\\"version\\\":\\\"Version_2.0\\\",\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesCommonRuleSet\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nTo use a specific version of a AWS WAF managed rule group in your Firewall Manager policy, you must set `versionEnabled` to `true` , and set `version` to the version you'd like to use. If you don't set `versionEnabled` to `true` , or if you omit `versionEnabled` , then Firewall Manager uses the default version of the AWS WAF managed rule group.\n- Example: `SECURITY_GROUPS_COMMON`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: Shared VPCs. Apply the preceding policy to resources in shared VPCs as well as to those in VPCs that the account owns\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"includeSharedVPC\\\":true,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: `SECURITY_GROUPS_CONTENT_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_CONTENT_AUDIT\\\",\\\"securityGroups\\\":[{\\\"id\\\":\\\"sg-000e55995d61a06bd\\\"}],\\\"securityGroupAction\\\":{\\\"type\\\":\\\"ALLOW\\\"}}\"`\n\nThe security group action for content audit can be `ALLOW` or `DENY` . For `ALLOW` , all in-scope security group rules must be within the allowed range of the policy's security group rules. For `DENY` , all in-scope security group rules must not contain a value or a range that matches a rule value or range in the policy security group.\n- Example: `SECURITY_GROUPS_USAGE_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_USAGE_AUDIT\\\",\\\"deleteUnusedSecurityGroups\\\":true,\\\"coalesceRedundantSecurityGroups\\\":true}\"`" + "description": "Details about the security service that is being used to protect the resources.\n\nThis contains the following settings:\n\n- Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting .\n\nValid values: `DNS_FIREWALL` | `NETWORK_FIREWALL` | `SECURITY_GROUPS_COMMON` | `SECURITY_GROUPS_CONTENT_AUDIT` | `SECURITY_GROUPS_USAGE_AUDIT` | `SHIELD_ADVANCED` | `THIRD_PARTY_FIREWALL` | `WAFV2` | `WAF`\n- ManagedServiceData - Details about the service that are specific to the service type, in JSON format.\n\n- Example: `DNS_FIREWALL`\n\n`\"{\\\"type\\\":\\\"DNS_FIREWALL\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-1\\\",\\\"priority\\\":10}],\\\"postProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-2\\\",\\\"priority\\\":9911}]}\"`\n\n\u003e Valid values for `preProcessRuleGroups` are between 1 and 99. Valid values for `postProcessRuleGroups` are between 9901 and 10000.\n- Example: `NETWORK_FIREWALL` - Centralized deployment model\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"awsNetworkFirewallConfig\\\":{\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}},\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"OFF\\\"},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nWith automatic Availbility Zone configuration, Firewall Manager chooses which Availability Zones to create the endpoints in. To use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"]},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\": \\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\", \\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{ \\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[ \\\"10.0.0.0/28\\\"]}]} },\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"OFF\\\",\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nWith custom Availability Zone configuration, you define which specific Availability Zones to create endpoints in by configuring `firewallCreationConfig` . To configure the Availability Zones in `firewallCreationConfig` , specify either the `availabilityZoneName` or `availabilityZoneId` parameter, not both parameters.\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"],\\\"routeManagementConfig\\\":{\\\"allowCrossAZTrafficIfNoEndpoint\\\":true}},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall centralized deployment model\n\n`\"{ \\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\", \\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\", \\\"thirdPartyFirewallConfig\\\":{ \\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `CENTRALIZED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall distributed deployment model\n\n`\"{\\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\",\\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\",\\\"thirdPartyFirewallConfig\\\":{\\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{ \\\"distributedFirewallDeploymentModel\\\":{ \\\"distributedFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{ \\\"availabilityZoneConfigList\\\":[ {\\\"availabilityZoneName\\\":\\\"${AvailabilityZone}\\\" } ] } }, \\\"allowedIPV4CidrList\\\":[ ] } } } }\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `DISTRIBUTED` .\n- Specification for `SHIELD_ADVANCED` for Amazon CloudFront distributions\n\n`\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED|IGNORED|DISABLED\\\", \\\"automaticResponseAction\\\":\\\"BLOCK|COUNT\\\"}, \\\"overrideCustomerWebaclClassic\\\":true|false}\"`\n\nFor example: `\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED\\\", \\\"automaticResponseAction\\\":\\\"COUNT\\\"}}\"`\n\nThe default value for `automaticResponseStatus` is `IGNORED` . The value for `automaticResponseAction` is only required when `automaticResponseStatus` is set to `ENABLED` . The default value for `overrideCustomerWebaclClassic` is `false` .\n\nFor other resource types that you can protect with a Shield Advanced policy, this `ManagedServiceData` configuration is an empty string.\n- Example: `WAFV2`\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"version\\\":null,\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesAmazonIpReputationList\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nIn the `loggingConfiguration` , you can specify one `logDestinationConfigs` , you can optionally provide up to 20 `redactedFields` , and the `RedactedFieldType` must be one of `URI` , `QUERY_STRING` , `HEADER` , or `METHOD` .\n- Example: `AWS WAF Classic`\n\n`\"{\\\"type\\\": \\\"WAF\\\", \\\"ruleGroups\\\": [{\\\"id\\\":\\\"12345678-1bcd-9012-efga-0987654321ab\\\", \\\"overrideAction\\\" : {\\\"type\\\": \\\"COUNT\\\"}}], \\\"defaultAction\\\": {\\\"type\\\": \\\"BLOCK\\\"}}\"`\n- Example: `WAFV2` - AWS Firewall Manager support for AWS WAF managed rule group versioning\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"versionEnabled\\\":true,\\\"version\\\":\\\"Version_2.0\\\",\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesCommonRuleSet\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nTo use a specific version of a AWS WAF managed rule group in your Firewall Manager policy, you must set `versionEnabled` to `true` , and set `version` to the version you'd like to use. If you don't set `versionEnabled` to `true` , or if you omit `versionEnabled` , then Firewall Manager uses the default version of the AWS WAF managed rule group.\n- Example: `SECURITY_GROUPS_COMMON`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: Shared VPCs. Apply the preceding policy to resources in shared VPCs as well as to those in VPCs that the account owns\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"includeSharedVPC\\\":true,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: `SECURITY_GROUPS_CONTENT_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_CONTENT_AUDIT\\\",\\\"securityGroups\\\":[{\\\"id\\\":\\\"sg-000e55995d61a06bd\\\"}],\\\"securityGroupAction\\\":{\\\"type\\\":\\\"ALLOW\\\"}}\"`\n\nThe security group action for content audit can be `ALLOW` or `DENY` . For `ALLOW` , all in-scope security group rules must be within the allowed range of the policy's security group rules. For `DENY` , all in-scope security group rules must not contain a value or a range that matches a rule value or range in the policy security group.\n- Example: `SECURITY_GROUPS_USAGE_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_USAGE_AUDIT\\\",\\\"deleteUnusedSecurityGroups\\\":true,\\\"coalesceRedundantSecurityGroups\\\":true}\"`" }, "tags": { "type": "array", @@ -231572,18 +231899,21 @@ }, "contactPostPassDurationSeconds": { "type": "integer", - "description": "Amount of time, in seconds, after a contact ends that the Ground Station Dataflow Endpoint Group will be in a POSTPASS state. A Ground Station Dataflow Endpoint Group State Change event will be emitted when the Dataflow Endpoint Group enters and exits the POSTPASS state." + "description": "Amount of time, in seconds, after a contact ends that the Ground Station Dataflow Endpoint Group will be in a POSTPASS state. A Ground Station Dataflow Endpoint Group State Change event will be emitted when the Dataflow Endpoint Group enters and exits the POSTPASS state.", + "replaceOnChanges": true }, "contactPrePassDurationSeconds": { "type": "integer", - "description": "Amount of time, in seconds, before a contact starts that the Ground Station Dataflow Endpoint Group will be in a PREPASS state. A Ground Station Dataflow Endpoint Group State Change event will be emitted when the Dataflow Endpoint Group enters and exits the PREPASS state." + "description": "Amount of time, in seconds, before a contact starts that the Ground Station Dataflow Endpoint Group will be in a PREPASS state. A Ground Station Dataflow Endpoint Group State Change event will be emitted when the Dataflow Endpoint Group enters and exits the PREPASS state.", + "replaceOnChanges": true }, "endpointDetails": { "type": "array", "items": { "$ref": "#/types/aws-native:groundstation:DataflowEndpointGroupEndpointDetails" }, - "description": "List of Endpoint Details, containing address and port for each endpoint." + "description": "List of Endpoint Details, containing address and port for each endpoint.", + "replaceOnChanges": true }, "tags": { "type": "array", @@ -280408,6 +280738,76 @@ "serverId" ] }, + "aws-native:transfer:WebApp": { + "description": "Resource Type definition for AWS::Transfer::WebApp", + "properties": { + "accessEndpoint": { + "type": "string", + "description": "The AccessEndpoint is the URL that you provide to your users for them to interact with the Transfer Family web app. You can specify a custom URL or use the default value." + }, + "arn": { + "type": "string", + "description": "Specifies the unique Amazon Resource Name (ARN) for the web app." + }, + "identityProviderDetails": { + "$ref": "#/types/aws-native:transfer:WebAppIdentityProviderDetails", + "description": "You can provide a structure that contains the details for the identity provider to use with your web app.\n\nFor more details about this parameter, see [Configure your identity provider for Transfer Family web apps](https://docs.aws.amazon.com//transfer/latest/userguide/webapp-identity-center.html) ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Key-value pairs that can be used to group and search for web apps." + }, + "webAppCustomization": { + "$ref": "#/types/aws-native:transfer:WebAppCustomization", + "description": "A structure that contains the customization fields for the web app. You can provide a title, logo, and icon to customize the appearance of your web app." + }, + "webAppId": { + "type": "string", + "description": "A unique identifier for the web app." + }, + "webAppUnits": { + "$ref": "#/types/aws-native:transfer:WebAppUnitsProperties", + "description": "A union that contains the value for number of concurrent connections or the user sessions on your web app." + } + }, + "type": "object", + "required": [ + "arn", + "identityProviderDetails", + "webAppId" + ], + "inputProperties": { + "accessEndpoint": { + "type": "string", + "description": "The AccessEndpoint is the URL that you provide to your users for them to interact with the Transfer Family web app. You can specify a custom URL or use the default value." + }, + "identityProviderDetails": { + "$ref": "#/types/aws-native:transfer:WebAppIdentityProviderDetails", + "description": "You can provide a structure that contains the details for the identity provider to use with your web app.\n\nFor more details about this parameter, see [Configure your identity provider for Transfer Family web apps](https://docs.aws.amazon.com//transfer/latest/userguide/webapp-identity-center.html) ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Key-value pairs that can be used to group and search for web apps." + }, + "webAppCustomization": { + "$ref": "#/types/aws-native:transfer:WebAppCustomization", + "description": "A structure that contains the customization fields for the web app. You can provide a title, logo, and icon to customize the appearance of your web app." + }, + "webAppUnits": { + "$ref": "#/types/aws-native:transfer:WebAppUnitsProperties", + "description": "A union that contains the value for number of concurrent connections or the user sessions on your web app." + } + }, + "requiredInputs": [ + "identityProviderDetails" + ] + }, "aws-native:transfer:Workflow": { "description": "Resource Type definition for AWS::Transfer::Workflow", "properties": { @@ -290511,7 +290911,7 @@ }, "agentAliasStatus": { "$ref": "#/types/aws-native:bedrock:AgentAliasStatus", - "description": "The status of the alias of the agent and whether it is ready for use. The following statuses are possible:\n\n- CREATING – The agent alias is being created.\n- PREPARED – The agent alias is finished being created or updated and is ready to be invoked.\n- FAILED – The agent alias API operation failed.\n- UPDATING – The agent alias is being updated.\n- DELETING – The agent alias is being deleted." + "description": "The status of the alias of the agent and whether it is ready for use. The following statuses are possible:\n\n- CREATING – The agent alias is being created.\n- PREPARED – The agent alias is finished being created or updated and is ready to be invoked.\n- FAILED – The agent alias API operation failed.\n- UPDATING – The agent alias is being updated.\n- DELETING – The agent alias is being deleted.\n- DISSOCIATED - The agent alias has no version associated with it." }, "createdAt": { "type": "string", @@ -295092,13 +295492,18 @@ "description": "Resource Type definition for AWS::Cognito::UserPoolDomain", "inputs": { "properties": { - "id": { + "domain": { "type": "string", - "description": "The resource ID." + "description": "The name of the domain that you want to update. For custom domains, this is the fully-qualified domain name, for example `auth.example.com` . For prefix domains, this is the prefix alone, such as `myprefix` ." + }, + "userPoolId": { + "type": "string", + "description": "The ID of the user pool that is associated with the domain you're updating." } }, "required": [ - "id" + "userPoolId", + "domain" ] }, "outputs": { @@ -295110,14 +295515,6 @@ "customDomainConfig": { "$ref": "#/types/aws-native:cognito:UserPoolDomainCustomDomainConfigType", "description": "The configuration for a custom domain that hosts the sign-up and sign-in pages for your application. Use this object to specify an SSL certificate that is managed by ACM.\n\nWhen you create a custom domain, the passkey RP ID defaults to the custom domain. If you had a prefix domain active, this will cause passkey integration for your prefix domain to stop working due to a mismatch in RP ID. To keep the prefix domain passkey integration working, you can explicitly set RP ID to the prefix domain." - }, - "id": { - "type": "string", - "description": "The resource ID." - }, - "managedLoginVersion": { - "type": "integer", - "description": "A version number that indicates the state of managed login for your domain. Version `1` is hosted UI (classic). Version `2` is the newer managed login with the branding designer. For more information, see [Managed login](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-managed-login.html) ." } } } @@ -295783,6 +296180,36 @@ } } }, + "aws-native:connect:getContactFlowVersion": { + "description": "Resource Type Definition for ContactFlowVersion", + "inputs": { + "properties": { + "contactFlowVersionArn": { + "type": "string", + "description": "The identifier of the contact flow version (ARN)." + } + }, + "required": [ + "contactFlowVersionArn" + ] + }, + "outputs": { + "properties": { + "contactFlowVersionArn": { + "type": "string", + "description": "The identifier of the contact flow version (ARN)." + }, + "flowContentSha256": { + "type": "string", + "description": "Indicates the checksum value of the latest published flow content" + }, + "version": { + "type": "integer", + "description": "The version number of this revision" + } + } + } + }, "aws-native:connect:getEmailAddress": { "description": "Resource Type definition for AWS::Connect::EmailAddress", "inputs": { @@ -298321,10 +298748,25 @@ }, "description": "The Amazon Resource Names (ARNs) of agents to use for a Simple Message Block (SMB) location." }, + "authenticationType": { + "$ref": "#/types/aws-native:datasync:LocationSmbAuthenticationType", + "description": "The authentication mode used to determine identity of user." + }, + "dnsIpAddresses": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Specifies the IPv4 addresses for the DNS servers that your SMB file server belongs to. This parameter applies only if AuthenticationType is set to KERBEROS. If you have multiple domains in your environment, configuring this parameter makes sure that DataSync connects to the right SMB file server." + }, "domain": { "type": "string", "description": "The name of the Windows domain that the SMB server belongs to." }, + "kerberosPrincipal": { + "type": "string", + "description": "Specifies a service principal name (SPN), which is an identity in your Kerberos realm that has permission to access the files, folders, and file metadata in your SMB file server. SPNs are case sensitive and must include a prepended cifs/. For example, an SPN might look like cifs/kerberosuser@EXAMPLE.COM. Your task execution will fail if the SPN that you provide for this parameter doesn't match exactly what's in your keytab or krb5.conf files." + }, "locationArn": { "type": "string", "description": "The Amazon Resource Name (ARN) of the SMB location that is created." @@ -304382,7 +304824,7 @@ "items": { "$ref": "#/types/aws-native:ecs:ClusterSettings" }, - "description": "The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights for a cluster." + "description": "The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights with enhanced observability or CloudWatch Container Insights for a cluster.\n Container Insights with enhanced observability provides all the Container Insights metrics, plus additional task and container metrics. This version supports enhanced observability for Amazon ECS clusters using the Amazon EC2 and Fargate launch types. After you configure Container Insights with enhanced observability on Amazon ECS, Container Insights auto-collects detailed infrastructure telemetry from the cluster level down to the container level in your environment and displays these critical performance data in curated dashboards removing the heavy lifting in observability set-up. \n For more information, see [Monitor Amazon ECS containers using Container Insights with enhanced observability](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cloudwatch-container-insights.html) in the *Amazon Elastic Container Service Developer Guide*." }, "configuration": { "$ref": "#/types/aws-native:ecs:ClusterConfiguration", @@ -304784,7 +305226,7 @@ "items": { "type": "string" }, - "description": "Up to five VPC security group IDs, of the form ``sg-xxxxxxxx``. These must be for the same VPC as subnet specified." + "description": "VPC security group IDs, of the form ``sg-xxxxxxxx``. These must be for the same VPC as the subnet specified. The maximum number of security groups depends on account quota. For more information, see [Amazon VPC Quotas](https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html) in the *Amazon VPC User Guide* (see the *Security Groups* table)." } } } @@ -306091,6 +306533,10 @@ "type": "string", "description": "Id of the virtual cluster." }, + "securityConfigurationId": { + "type": "string", + "description": "The ID of the security configuration." + }, "tags": { "type": "array", "items": { @@ -307447,7 +307893,7 @@ }, "securityServicePolicyData": { "$ref": "#/types/aws-native:fms:PolicySecurityServicePolicyData", - "description": "Details about the security service that is being used to protect the resources.\n\nThis contains the following settings:\n\n- Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting AWS Support .\n\nValid values: `DNS_FIREWALL` | `NETWORK_FIREWALL` | `SECURITY_GROUPS_COMMON` | `SECURITY_GROUPS_CONTENT_AUDIT` | `SECURITY_GROUPS_USAGE_AUDIT` | `SHIELD_ADVANCED` | `THIRD_PARTY_FIREWALL` | `WAFV2` | `WAF`\n- ManagedServiceData - Details about the service that are specific to the service type, in JSON format.\n\n- Example: `DNS_FIREWALL`\n\n`\"{\\\"type\\\":\\\"DNS_FIREWALL\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-1\\\",\\\"priority\\\":10}],\\\"postProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-2\\\",\\\"priority\\\":9911}]}\"`\n\n\u003e Valid values for `preProcessRuleGroups` are between 1 and 99. Valid values for `postProcessRuleGroups` are between 9901 and 10000.\n- Example: `NETWORK_FIREWALL` - Centralized deployment model\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"awsNetworkFirewallConfig\\\":{\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}},\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"OFF\\\"},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nWith automatic Availbility Zone configuration, Firewall Manager chooses which Availability Zones to create the endpoints in. To use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"]},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\": \\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\", \\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{ \\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[ \\\"10.0.0.0/28\\\"]}]} },\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"OFF\\\",\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nWith custom Availability Zone configuration, you define which specific Availability Zones to create endpoints in by configuring `firewallCreationConfig` . To configure the Availability Zones in `firewallCreationConfig` , specify either the `availabilityZoneName` or `availabilityZoneId` parameter, not both parameters.\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"],\\\"routeManagementConfig\\\":{\\\"allowCrossAZTrafficIfNoEndpoint\\\":true}},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall centralized deployment model\n\n`\"{ \\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\", \\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\", \\\"thirdPartyFirewallConfig\\\":{ \\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `CENTRALIZED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall distributed deployment model\n\n`\"{\\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\",\\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\",\\\"thirdPartyFirewallConfig\\\":{\\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{ \\\"distributedFirewallDeploymentModel\\\":{ \\\"distributedFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{ \\\"availabilityZoneConfigList\\\":[ {\\\"availabilityZoneName\\\":\\\"${AvailabilityZone}\\\" } ] } }, \\\"allowedIPV4CidrList\\\":[ ] } } } }\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `DISTRIBUTED` .\n- Specification for `SHIELD_ADVANCED` for Amazon CloudFront distributions\n\n`\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED|IGNORED|DISABLED\\\", \\\"automaticResponseAction\\\":\\\"BLOCK|COUNT\\\"}, \\\"overrideCustomerWebaclClassic\\\":true|false}\"`\n\nFor example: `\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED\\\", \\\"automaticResponseAction\\\":\\\"COUNT\\\"}}\"`\n\nThe default value for `automaticResponseStatus` is `IGNORED` . The value for `automaticResponseAction` is only required when `automaticResponseStatus` is set to `ENABLED` . The default value for `overrideCustomerWebaclClassic` is `false` .\n\nFor other resource types that you can protect with a Shield Advanced policy, this `ManagedServiceData` configuration is an empty string.\n- Example: `WAFV2`\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"version\\\":null,\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesAmazonIpReputationList\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nIn the `loggingConfiguration` , you can specify one `logDestinationConfigs` , you can optionally provide up to 20 `redactedFields` , and the `RedactedFieldType` must be one of `URI` , `QUERY_STRING` , `HEADER` , or `METHOD` .\n- Example: `AWS WAF Classic`\n\n`\"{\\\"type\\\": \\\"WAF\\\", \\\"ruleGroups\\\": [{\\\"id\\\":\\\"12345678-1bcd-9012-efga-0987654321ab\\\", \\\"overrideAction\\\" : {\\\"type\\\": \\\"COUNT\\\"}}], \\\"defaultAction\\\": {\\\"type\\\": \\\"BLOCK\\\"}}\"`\n- Example: `WAFV2` - AWS Firewall Manager support for AWS WAF managed rule group versioning\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"versionEnabled\\\":true,\\\"version\\\":\\\"Version_2.0\\\",\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesCommonRuleSet\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nTo use a specific version of a AWS WAF managed rule group in your Firewall Manager policy, you must set `versionEnabled` to `true` , and set `version` to the version you'd like to use. If you don't set `versionEnabled` to `true` , or if you omit `versionEnabled` , then Firewall Manager uses the default version of the AWS WAF managed rule group.\n- Example: `SECURITY_GROUPS_COMMON`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: Shared VPCs. Apply the preceding policy to resources in shared VPCs as well as to those in VPCs that the account owns\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"includeSharedVPC\\\":true,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: `SECURITY_GROUPS_CONTENT_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_CONTENT_AUDIT\\\",\\\"securityGroups\\\":[{\\\"id\\\":\\\"sg-000e55995d61a06bd\\\"}],\\\"securityGroupAction\\\":{\\\"type\\\":\\\"ALLOW\\\"}}\"`\n\nThe security group action for content audit can be `ALLOW` or `DENY` . For `ALLOW` , all in-scope security group rules must be within the allowed range of the policy's security group rules. For `DENY` , all in-scope security group rules must not contain a value or a range that matches a rule value or range in the policy security group.\n- Example: `SECURITY_GROUPS_USAGE_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_USAGE_AUDIT\\\",\\\"deleteUnusedSecurityGroups\\\":true,\\\"coalesceRedundantSecurityGroups\\\":true}\"`" + "description": "Details about the security service that is being used to protect the resources.\n\nThis contains the following settings:\n\n- Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting .\n\nValid values: `DNS_FIREWALL` | `NETWORK_FIREWALL` | `SECURITY_GROUPS_COMMON` | `SECURITY_GROUPS_CONTENT_AUDIT` | `SECURITY_GROUPS_USAGE_AUDIT` | `SHIELD_ADVANCED` | `THIRD_PARTY_FIREWALL` | `WAFV2` | `WAF`\n- ManagedServiceData - Details about the service that are specific to the service type, in JSON format.\n\n- Example: `DNS_FIREWALL`\n\n`\"{\\\"type\\\":\\\"DNS_FIREWALL\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-1\\\",\\\"priority\\\":10}],\\\"postProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-2\\\",\\\"priority\\\":9911}]}\"`\n\n\u003e Valid values for `preProcessRuleGroups` are between 1 and 99. Valid values for `postProcessRuleGroups` are between 9901 and 10000.\n- Example: `NETWORK_FIREWALL` - Centralized deployment model\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"awsNetworkFirewallConfig\\\":{\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}},\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"OFF\\\"},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nWith automatic Availbility Zone configuration, Firewall Manager chooses which Availability Zones to create the endpoints in. To use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"]},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\": \\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\", \\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{ \\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[ \\\"10.0.0.0/28\\\"]}]} },\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"OFF\\\",\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nWith custom Availability Zone configuration, you define which specific Availability Zones to create endpoints in by configuring `firewallCreationConfig` . To configure the Availability Zones in `firewallCreationConfig` , specify either the `availabilityZoneName` or `availabilityZoneId` parameter, not both parameters.\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration and route management\n\n`\"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"],\\\"routeManagementConfig\\\":{\\\"allowCrossAZTrafficIfNoEndpoint\\\":true}},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall centralized deployment model\n\n`\"{ \\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\", \\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\", \\\"thirdPartyFirewallConfig\\\":{ \\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `CENTRALIZED` .\n- Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall distributed deployment model\n\n`\"{\\\"type\\\":\\\"THIRD_PARTY_FIREWALL\\\",\\\"thirdPartyFirewall\\\":\\\"PALO_ALTO_NETWORKS_CLOUD_NGFW\\\",\\\"thirdPartyFirewallConfig\\\":{\\\"thirdPartyFirewallPolicyList\\\":[\\\"global-1\\\"] },\\\"firewallDeploymentModel\\\":{ \\\"distributedFirewallDeploymentModel\\\":{ \\\"distributedFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{ \\\"availabilityZoneConfigList\\\":[ {\\\"availabilityZoneName\\\":\\\"${AvailabilityZone}\\\" } ] } }, \\\"allowedIPV4CidrList\\\":[ ] } } } }\"`\n\nTo use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `DISTRIBUTED` .\n- Specification for `SHIELD_ADVANCED` for Amazon CloudFront distributions\n\n`\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED|IGNORED|DISABLED\\\", \\\"automaticResponseAction\\\":\\\"BLOCK|COUNT\\\"}, \\\"overrideCustomerWebaclClassic\\\":true|false}\"`\n\nFor example: `\"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\": {\\\"automaticResponseStatus\\\":\\\"ENABLED\\\", \\\"automaticResponseAction\\\":\\\"COUNT\\\"}}\"`\n\nThe default value for `automaticResponseStatus` is `IGNORED` . The value for `automaticResponseAction` is only required when `automaticResponseStatus` is set to `ENABLED` . The default value for `overrideCustomerWebaclClassic` is `false` .\n\nFor other resource types that you can protect with a Shield Advanced policy, this `ManagedServiceData` configuration is an empty string.\n- Example: `WAFV2`\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"version\\\":null,\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesAmazonIpReputationList\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nIn the `loggingConfiguration` , you can specify one `logDestinationConfigs` , you can optionally provide up to 20 `redactedFields` , and the `RedactedFieldType` must be one of `URI` , `QUERY_STRING` , `HEADER` , or `METHOD` .\n- Example: `AWS WAF Classic`\n\n`\"{\\\"type\\\": \\\"WAF\\\", \\\"ruleGroups\\\": [{\\\"id\\\":\\\"12345678-1bcd-9012-efga-0987654321ab\\\", \\\"overrideAction\\\" : {\\\"type\\\": \\\"COUNT\\\"}}], \\\"defaultAction\\\": {\\\"type\\\": \\\"BLOCK\\\"}}\"`\n- Example: `WAFV2` - AWS Firewall Manager support for AWS WAF managed rule group versioning\n\n`\"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"versionEnabled\\\":true,\\\"version\\\":\\\"Version_2.0\\\",\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesCommonRuleSet\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"`\n\nTo use a specific version of a AWS WAF managed rule group in your Firewall Manager policy, you must set `versionEnabled` to `true` , and set `version` to the version you'd like to use. If you don't set `versionEnabled` to `true` , or if you omit `versionEnabled` , then Firewall Manager uses the default version of the AWS WAF managed rule group.\n- Example: `SECURITY_GROUPS_COMMON`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: Shared VPCs. Apply the preceding policy to resources in shared VPCs as well as to those in VPCs that the account owns\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false, \\\"applyToAllEC2InstanceENIs\\\":false,\\\"includeSharedVPC\\\":true,\\\"securityGroups\\\":[{\\\"id\\\":\\\" sg-000e55995d61a06bd\\\"}]}\"`\n- Example: `SECURITY_GROUPS_CONTENT_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_CONTENT_AUDIT\\\",\\\"securityGroups\\\":[{\\\"id\\\":\\\"sg-000e55995d61a06bd\\\"}],\\\"securityGroupAction\\\":{\\\"type\\\":\\\"ALLOW\\\"}}\"`\n\nThe security group action for content audit can be `ALLOW` or `DENY` . For `ALLOW` , all in-scope security group rules must be within the allowed range of the policy's security group rules. For `DENY` , all in-scope security group rules must not contain a value or a range that matches a rule value or range in the policy security group.\n- Example: `SECURITY_GROUPS_USAGE_AUDIT`\n\n`\"{\\\"type\\\":\\\"SECURITY_GROUPS_USAGE_AUDIT\\\",\\\"deleteUnusedSecurityGroups\\\":true,\\\"coalesceRedundantSecurityGroups\\\":true}\"`" }, "tags": { "type": "array", @@ -309503,21 +309949,6 @@ "type": "string", "description": "The ARN of the dataflow endpoint group, such as `arn:aws:groundstation:us-east-2:1234567890:dataflow-endpoint-group/9940bf3b-d2ba-427e-9906-842b5e5d2296` ." }, - "contactPostPassDurationSeconds": { - "type": "integer", - "description": "Amount of time, in seconds, after a contact ends that the Ground Station Dataflow Endpoint Group will be in a POSTPASS state. A Ground Station Dataflow Endpoint Group State Change event will be emitted when the Dataflow Endpoint Group enters and exits the POSTPASS state." - }, - "contactPrePassDurationSeconds": { - "type": "integer", - "description": "Amount of time, in seconds, before a contact starts that the Ground Station Dataflow Endpoint Group will be in a PREPASS state. A Ground Station Dataflow Endpoint Group State Change event will be emitted when the Dataflow Endpoint Group enters and exits the PREPASS state." - }, - "endpointDetails": { - "type": "array", - "items": { - "$ref": "#/types/aws-native:groundstation:DataflowEndpointGroupEndpointDetails" - }, - "description": "List of Endpoint Details, containing address and port for each endpoint." - }, "id": { "type": "string", "description": "UUID of a dataflow endpoint group." @@ -335047,6 +335478,55 @@ } } }, + "aws-native:transfer:getWebApp": { + "description": "Resource Type definition for AWS::Transfer::WebApp", + "inputs": { + "properties": { + "arn": { + "type": "string", + "description": "Specifies the unique Amazon Resource Name (ARN) for the web app." + } + }, + "required": [ + "arn" + ] + }, + "outputs": { + "properties": { + "accessEndpoint": { + "type": "string", + "description": "The AccessEndpoint is the URL that you provide to your users for them to interact with the Transfer Family web app. You can specify a custom URL or use the default value." + }, + "arn": { + "type": "string", + "description": "Specifies the unique Amazon Resource Name (ARN) for the web app." + }, + "identityProviderDetails": { + "$ref": "#/types/aws-native:transfer:WebAppIdentityProviderDetails", + "description": "You can provide a structure that contains the details for the identity provider to use with your web app.\n\nFor more details about this parameter, see [Configure your identity provider for Transfer Family web apps](https://docs.aws.amazon.com//transfer/latest/userguide/webapp-identity-center.html) ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Key-value pairs that can be used to group and search for web apps." + }, + "webAppCustomization": { + "$ref": "#/types/aws-native:transfer:WebAppCustomization", + "description": "A structure that contains the customization fields for the web app. You can provide a title, logo, and icon to customize the appearance of your web app." + }, + "webAppId": { + "type": "string", + "description": "A unique identifier for the web app." + }, + "webAppUnits": { + "$ref": "#/types/aws-native:transfer:WebAppUnitsProperties", + "description": "A union that contains the value for number of concurrent connections or the user sessions on your web app." + } + } + } + }, "aws-native:transfer:getWorkflow": { "description": "Resource Type definition for AWS::Transfer::Workflow", "inputs": { diff --git a/reports/missedAutonaming.json b/reports/missedAutonaming.json index f2e13a70f8..6a24eb2a3a 100644 --- a/reports/missedAutonaming.json +++ b/reports/missedAutonaming.json @@ -2390,6 +2390,19 @@ } } }, + "aws-native:connect:ContactFlowVersion": { + "cfTypeName": "AWS::Connect::ContactFlowVersion", + "properties": { + "contactFlowId": { + "type": "string", + "description": "The ARN of the contact flow this version is tied to." + }, + "description": { + "type": "string", + "description": "The description of the version." + } + } + }, "aws-native:connect:EmailAddress": { "cfTypeName": "AWS::Connect::EmailAddress", "properties": { @@ -3174,10 +3187,33 @@ }, "description": "The Amazon Resource Names (ARNs) of agents to use for a Simple Message Block (SMB) location." }, + "authenticationType": { + "$ref": "#/types/aws-native:datasync:LocationSmbAuthenticationType", + "description": "The authentication mode used to determine identity of user." + }, + "dnsIpAddresses": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Specifies the IPv4 addresses for the DNS servers that your SMB file server belongs to. This parameter applies only if AuthenticationType is set to KERBEROS. If you have multiple domains in your environment, configuring this parameter makes sure that DataSync connects to the right SMB file server." + }, "domain": { "type": "string", "description": "The name of the Windows domain that the SMB server belongs to." }, + "kerberosKeytab": { + "type": "string", + "description": "The Base64 string representation of the Keytab file. Specifies your Kerberos key table (keytab) file, which includes mappings between your service principal name (SPN) and encryption keys. To avoid task execution errors, make sure that the SPN in the keytab file matches exactly what you specify for KerberosPrincipal and in your krb5.conf file." + }, + "kerberosKrb5Conf": { + "type": "string", + "description": "The string representation of the Krb5Conf file, or the presigned URL to access the Krb5.conf file within an S3 bucket. Specifies a Kerberos configuration file (krb5.conf) that defines your Kerberos realm configuration. To avoid task execution errors, make sure that the service principal name (SPN) in the krb5.conf file matches exactly what you specify for KerberosPrincipal and in your keytab file." + }, + "kerberosPrincipal": { + "type": "string", + "description": "Specifies a service principal name (SPN), which is an identity in your Kerberos realm that has permission to access the files, folders, and file metadata in your SMB file server. SPNs are case sensitive and must include a prepended cifs/. For example, an SPN might look like cifs/kerberosuser@EXAMPLE.COM. Your task execution will fail if the SPN that you provide for this parameter doesn't match exactly what's in your keytab or krb5.conf files." + }, "mountOptions": { "$ref": "#/types/aws-native:datasync:LocationSmbMountOptions", "description": "Specifies the version of the SMB protocol that DataSync uses to access your SMB file server." @@ -6843,7 +6879,7 @@ "items": { "type": "string" }, - "description": "Up to five VPC security group IDs, of the form ``sg-xxxxxxxx``. These must be for the same VPC as subnet specified." + "description": "VPC security group IDs, of the form ``sg-xxxxxxxx``. These must be for the same VPC as the subnet specified. The maximum number of security groups depends on account quota. For more information, see [Amazon VPC Quotas](https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html) in the *Amazon VPC User Guide* (see the *Security Groups* table)." }, "subnetId": { "type": "string", @@ -13579,6 +13615,34 @@ } } }, + "aws-native:transfer:WebApp": { + "cfTypeName": "AWS::Transfer::WebApp", + "properties": { + "accessEndpoint": { + "type": "string", + "description": "The AccessEndpoint is the URL that you provide to your users for them to interact with the Transfer Family web app. You can specify a custom URL or use the default value." + }, + "identityProviderDetails": { + "$ref": "#/types/aws-native:transfer:WebAppIdentityProviderDetails", + "description": "You can provide a structure that contains the details for the identity provider to use with your web app.\n\nFor more details about this parameter, see [Configure your identity provider for Transfer Family web apps](https://docs.aws.amazon.com//transfer/latest/userguide/webapp-identity-center.html) ." + }, + "tags": { + "type": "array", + "items": { + "$ref": "#/types/aws-native:index:Tag" + }, + "description": "Key-value pairs that can be used to group and search for web apps." + }, + "webAppCustomization": { + "$ref": "#/types/aws-native:transfer:WebAppCustomization", + "description": "A structure that contains the customization fields for the web app. You can provide a title, logo, and icon to customize the appearance of your web app." + }, + "webAppUnits": { + "$ref": "#/types/aws-native:transfer:WebAppUnitsProperties", + "description": "A union that contains the value for number of concurrent connections or the user sessions on your web app." + } + } + }, "aws-native:transfer:Workflow": { "cfTypeName": "AWS::Transfer::Workflow", "properties": { diff --git a/sdk/dotnet/Bedrock/AgentAlias.cs b/sdk/dotnet/Bedrock/AgentAlias.cs index 9160333a49..8effe6d72c 100644 --- a/sdk/dotnet/Bedrock/AgentAlias.cs +++ b/sdk/dotnet/Bedrock/AgentAlias.cs @@ -47,6 +47,7 @@ public partial class AgentAlias : global::Pulumi.CustomResource /// - FAILED – The agent alias API operation failed. /// - UPDATING – The agent alias is being updated. /// - DELETING – The agent alias is being deleted. + /// - DISSOCIATED - The agent alias has no version associated with it. /// [Output("agentAliasStatus")] public Output AgentAliasStatus { get; private set; } = null!; diff --git a/sdk/dotnet/Bedrock/Enums.cs b/sdk/dotnet/Bedrock/Enums.cs index eb3a176975..b29ed98af6 100644 --- a/sdk/dotnet/Bedrock/Enums.cs +++ b/sdk/dotnet/Bedrock/Enums.cs @@ -1827,6 +1827,36 @@ private KnowledgeBaseType(string value) public override string ToString() => _value; } + /// + /// CachePoint types for CachePointBlock + /// + [EnumType] + public readonly struct PromptCachePointType : IEquatable + { + private readonly string _value; + + private PromptCachePointType(string value) + { + _value = value ?? throw new ArgumentNullException(nameof(value)); + } + + public static PromptCachePointType Default { get; } = new PromptCachePointType("default"); + + public static bool operator ==(PromptCachePointType left, PromptCachePointType right) => left.Equals(right); + public static bool operator !=(PromptCachePointType left, PromptCachePointType right) => !left.Equals(right); + + public static explicit operator string(PromptCachePointType value) => value._value; + + [EditorBrowsable(EditorBrowsableState.Never)] + public override bool Equals(object? obj) => obj is PromptCachePointType other && Equals(other); + public bool Equals(PromptCachePointType other) => string.Equals(_value, other._value, StringComparison.Ordinal); + + [EditorBrowsable(EditorBrowsableState.Never)] + public override int GetHashCode() => _value?.GetHashCode() ?? 0; + + public override string ToString() => _value; + } + /// /// Conversation roles for the chat prompt /// @@ -1889,6 +1919,36 @@ private PromptTemplateType(string value) public override string ToString() => _value; } + /// + /// CachePoint types for CachePointBlock + /// + [EnumType] + public readonly struct PromptVersionCachePointType : IEquatable + { + private readonly string _value; + + private PromptVersionCachePointType(string value) + { + _value = value ?? throw new ArgumentNullException(nameof(value)); + } + + public static PromptVersionCachePointType Default { get; } = new PromptVersionCachePointType("default"); + + public static bool operator ==(PromptVersionCachePointType left, PromptVersionCachePointType right) => left.Equals(right); + public static bool operator !=(PromptVersionCachePointType left, PromptVersionCachePointType right) => !left.Equals(right); + + public static explicit operator string(PromptVersionCachePointType value) => value._value; + + [EditorBrowsable(EditorBrowsableState.Never)] + public override bool Equals(object? obj) => obj is PromptVersionCachePointType other && Equals(other); + public bool Equals(PromptVersionCachePointType other) => string.Equals(_value, other._value, StringComparison.Ordinal); + + [EditorBrowsable(EditorBrowsableState.Never)] + public override int GetHashCode() => _value?.GetHashCode() ?? 0; + + public override string ToString() => _value; + } + /// /// Conversation roles for the chat prompt /// diff --git a/sdk/dotnet/Bedrock/GetAgentAlias.cs b/sdk/dotnet/Bedrock/GetAgentAlias.cs index 3d957de503..4356902b9d 100644 --- a/sdk/dotnet/Bedrock/GetAgentAlias.cs +++ b/sdk/dotnet/Bedrock/GetAgentAlias.cs @@ -99,6 +99,7 @@ public sealed class GetAgentAliasResult /// - FAILED – The agent alias API operation failed. /// - UPDATING – The agent alias is being updated. /// - DELETING – The agent alias is being deleted. + /// - DISSOCIATED - The agent alias has no version associated with it. /// public readonly Pulumi.AwsNative.Bedrock.AgentAliasStatus? AgentAliasStatus; /// diff --git a/sdk/dotnet/Bedrock/Inputs/PromptAdditionalModelRequestFieldsArgs.cs b/sdk/dotnet/Bedrock/Inputs/PromptAdditionalModelRequestFieldsArgs.cs new file mode 100644 index 0000000000..bd4a5fb43d --- /dev/null +++ b/sdk/dotnet/Bedrock/Inputs/PromptAdditionalModelRequestFieldsArgs.cs @@ -0,0 +1,23 @@ +// *** WARNING: this file was generated by pulumi. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AwsNative.Bedrock.Inputs +{ + + /// + /// Contains model-specific configurations + /// + public sealed class PromptAdditionalModelRequestFieldsArgs : global::Pulumi.ResourceArgs + { + public PromptAdditionalModelRequestFieldsArgs() + { + } + public static new PromptAdditionalModelRequestFieldsArgs Empty => new PromptAdditionalModelRequestFieldsArgs(); + } +} diff --git a/sdk/dotnet/Bedrock/Inputs/PromptCachePointBlockArgs.cs b/sdk/dotnet/Bedrock/Inputs/PromptCachePointBlockArgs.cs new file mode 100644 index 0000000000..7db0137b8f --- /dev/null +++ b/sdk/dotnet/Bedrock/Inputs/PromptCachePointBlockArgs.cs @@ -0,0 +1,26 @@ +// *** WARNING: this file was generated by pulumi. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AwsNative.Bedrock.Inputs +{ + + /// + /// CachePointBlock + /// + public sealed class PromptCachePointBlockArgs : global::Pulumi.ResourceArgs + { + [Input("type", required: true)] + public Input Type { get; set; } = null!; + + public PromptCachePointBlockArgs() + { + } + public static new PromptCachePointBlockArgs Empty => new PromptCachePointBlockArgs(); + } +} diff --git a/sdk/dotnet/Bedrock/Inputs/PromptChatPromptTemplateConfigurationArgs.cs b/sdk/dotnet/Bedrock/Inputs/PromptChatPromptTemplateConfigurationArgs.cs index afde53052b..c4785b8fad 100644 --- a/sdk/dotnet/Bedrock/Inputs/PromptChatPromptTemplateConfigurationArgs.cs +++ b/sdk/dotnet/Bedrock/Inputs/PromptChatPromptTemplateConfigurationArgs.cs @@ -40,14 +40,14 @@ public InputList Messages } [Input("system")] - private InputList? _system; + private InputList>? _system; /// /// Configuration for chat prompt template /// - public InputList System + public InputList> System { - get => _system ?? (_system = new InputList()); + get => _system ?? (_system = new InputList>()); set => _system = value; } diff --git a/sdk/dotnet/Bedrock/Inputs/PromptContentBlockPropertiesArgs.cs b/sdk/dotnet/Bedrock/Inputs/PromptContentBlock0PropertiesArgs.cs similarity index 71% rename from sdk/dotnet/Bedrock/Inputs/PromptContentBlockPropertiesArgs.cs rename to sdk/dotnet/Bedrock/Inputs/PromptContentBlock0PropertiesArgs.cs index c22fe90cac..a3300542b3 100644 --- a/sdk/dotnet/Bedrock/Inputs/PromptContentBlockPropertiesArgs.cs +++ b/sdk/dotnet/Bedrock/Inputs/PromptContentBlock0PropertiesArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.AwsNative.Bedrock.Inputs /// /// Configuration for chat prompt template /// - public sealed class PromptContentBlockPropertiesArgs : global::Pulumi.ResourceArgs + public sealed class PromptContentBlock0PropertiesArgs : global::Pulumi.ResourceArgs { /// /// Configuration for chat prompt template @@ -21,9 +21,9 @@ public sealed class PromptContentBlockPropertiesArgs : global::Pulumi.ResourceAr [Input("text", required: true)] public Input Text { get; set; } = null!; - public PromptContentBlockPropertiesArgs() + public PromptContentBlock0PropertiesArgs() { } - public static new PromptContentBlockPropertiesArgs Empty => new PromptContentBlockPropertiesArgs(); + public static new PromptContentBlock0PropertiesArgs Empty => new PromptContentBlock0PropertiesArgs(); } } diff --git a/sdk/dotnet/Bedrock/Inputs/PromptContentBlock1PropertiesArgs.cs b/sdk/dotnet/Bedrock/Inputs/PromptContentBlock1PropertiesArgs.cs new file mode 100644 index 0000000000..a4b8933c59 --- /dev/null +++ b/sdk/dotnet/Bedrock/Inputs/PromptContentBlock1PropertiesArgs.cs @@ -0,0 +1,26 @@ +// *** WARNING: this file was generated by pulumi. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AwsNative.Bedrock.Inputs +{ + + /// + /// Configuration for chat prompt template + /// + public sealed class PromptContentBlock1PropertiesArgs : global::Pulumi.ResourceArgs + { + [Input("cachePoint", required: true)] + public Input CachePoint { get; set; } = null!; + + public PromptContentBlock1PropertiesArgs() + { + } + public static new PromptContentBlock1PropertiesArgs Empty => new PromptContentBlock1PropertiesArgs(); + } +} diff --git a/sdk/dotnet/Bedrock/Inputs/PromptMessageArgs.cs b/sdk/dotnet/Bedrock/Inputs/PromptMessageArgs.cs index 20b9ea95ff..56ce478c14 100644 --- a/sdk/dotnet/Bedrock/Inputs/PromptMessageArgs.cs +++ b/sdk/dotnet/Bedrock/Inputs/PromptMessageArgs.cs @@ -16,14 +16,14 @@ namespace Pulumi.AwsNative.Bedrock.Inputs public sealed class PromptMessageArgs : global::Pulumi.ResourceArgs { [Input("content", required: true)] - private InputList? _content; + private InputList>? _content; /// /// List of Content Blocks /// - public InputList Content + public InputList> Content { - get => _content ?? (_content = new InputList()); + get => _content ?? (_content = new InputList>()); set => _content = value; } diff --git a/sdk/dotnet/Bedrock/Inputs/PromptSystemContentBlockPropertiesArgs.cs b/sdk/dotnet/Bedrock/Inputs/PromptSystemContentBlock0PropertiesArgs.cs similarity index 70% rename from sdk/dotnet/Bedrock/Inputs/PromptSystemContentBlockPropertiesArgs.cs rename to sdk/dotnet/Bedrock/Inputs/PromptSystemContentBlock0PropertiesArgs.cs index a663b078e0..6fae5e05ab 100644 --- a/sdk/dotnet/Bedrock/Inputs/PromptSystemContentBlockPropertiesArgs.cs +++ b/sdk/dotnet/Bedrock/Inputs/PromptSystemContentBlock0PropertiesArgs.cs @@ -13,7 +13,7 @@ namespace Pulumi.AwsNative.Bedrock.Inputs /// /// Configuration for chat prompt template /// - public sealed class PromptSystemContentBlockPropertiesArgs : global::Pulumi.ResourceArgs + public sealed class PromptSystemContentBlock0PropertiesArgs : global::Pulumi.ResourceArgs { /// /// Configuration for chat prompt template @@ -21,9 +21,9 @@ public sealed class PromptSystemContentBlockPropertiesArgs : global::Pulumi.Reso [Input("text", required: true)] public Input Text { get; set; } = null!; - public PromptSystemContentBlockPropertiesArgs() + public PromptSystemContentBlock0PropertiesArgs() { } - public static new PromptSystemContentBlockPropertiesArgs Empty => new PromptSystemContentBlockPropertiesArgs(); + public static new PromptSystemContentBlock0PropertiesArgs Empty => new PromptSystemContentBlock0PropertiesArgs(); } } diff --git a/sdk/dotnet/Bedrock/Inputs/PromptSystemContentBlock1PropertiesArgs.cs b/sdk/dotnet/Bedrock/Inputs/PromptSystemContentBlock1PropertiesArgs.cs new file mode 100644 index 0000000000..11fcf8f172 --- /dev/null +++ b/sdk/dotnet/Bedrock/Inputs/PromptSystemContentBlock1PropertiesArgs.cs @@ -0,0 +1,26 @@ +// *** WARNING: this file was generated by pulumi. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AwsNative.Bedrock.Inputs +{ + + /// + /// Configuration for chat prompt template + /// + public sealed class PromptSystemContentBlock1PropertiesArgs : global::Pulumi.ResourceArgs + { + [Input("cachePoint", required: true)] + public Input CachePoint { get; set; } = null!; + + public PromptSystemContentBlock1PropertiesArgs() + { + } + public static new PromptSystemContentBlock1PropertiesArgs Empty => new PromptSystemContentBlock1PropertiesArgs(); + } +} diff --git a/sdk/dotnet/Bedrock/Inputs/PromptTextPromptTemplateConfigurationArgs.cs b/sdk/dotnet/Bedrock/Inputs/PromptTextPromptTemplateConfigurationArgs.cs index 659ab480a1..a37720b2b8 100644 --- a/sdk/dotnet/Bedrock/Inputs/PromptTextPromptTemplateConfigurationArgs.cs +++ b/sdk/dotnet/Bedrock/Inputs/PromptTextPromptTemplateConfigurationArgs.cs @@ -15,6 +15,9 @@ namespace Pulumi.AwsNative.Bedrock.Inputs /// public sealed class PromptTextPromptTemplateConfigurationArgs : global::Pulumi.ResourceArgs { + [Input("cachePoint")] + public Input? CachePoint { get; set; } + [Input("inputVariables")] private InputList? _inputVariables; diff --git a/sdk/dotnet/Bedrock/Inputs/PromptToolPropertiesArgs.cs b/sdk/dotnet/Bedrock/Inputs/PromptTool0PropertiesArgs.cs similarity index 71% rename from sdk/dotnet/Bedrock/Inputs/PromptToolPropertiesArgs.cs rename to sdk/dotnet/Bedrock/Inputs/PromptTool0PropertiesArgs.cs index e076cacb36..cd6282427d 100644 --- a/sdk/dotnet/Bedrock/Inputs/PromptToolPropertiesArgs.cs +++ b/sdk/dotnet/Bedrock/Inputs/PromptTool0PropertiesArgs.cs @@ -13,14 +13,14 @@ namespace Pulumi.AwsNative.Bedrock.Inputs /// /// Tool details /// - public sealed class PromptToolPropertiesArgs : global::Pulumi.ResourceArgs + public sealed class PromptTool0PropertiesArgs : global::Pulumi.ResourceArgs { [Input("toolSpec", required: true)] public Input ToolSpec { get; set; } = null!; - public PromptToolPropertiesArgs() + public PromptTool0PropertiesArgs() { } - public static new PromptToolPropertiesArgs Empty => new PromptToolPropertiesArgs(); + public static new PromptTool0PropertiesArgs Empty => new PromptTool0PropertiesArgs(); } } diff --git a/sdk/dotnet/Bedrock/Inputs/PromptTool1PropertiesArgs.cs b/sdk/dotnet/Bedrock/Inputs/PromptTool1PropertiesArgs.cs new file mode 100644 index 0000000000..7adc17a2b1 --- /dev/null +++ b/sdk/dotnet/Bedrock/Inputs/PromptTool1PropertiesArgs.cs @@ -0,0 +1,26 @@ +// *** WARNING: this file was generated by pulumi. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AwsNative.Bedrock.Inputs +{ + + /// + /// Tool details + /// + public sealed class PromptTool1PropertiesArgs : global::Pulumi.ResourceArgs + { + [Input("cachePoint", required: true)] + public Input CachePoint { get; set; } = null!; + + public PromptTool1PropertiesArgs() + { + } + public static new PromptTool1PropertiesArgs Empty => new PromptTool1PropertiesArgs(); + } +} diff --git a/sdk/dotnet/Bedrock/Inputs/PromptToolConfigurationArgs.cs b/sdk/dotnet/Bedrock/Inputs/PromptToolConfigurationArgs.cs index caf0475581..70b3c5e0bc 100644 --- a/sdk/dotnet/Bedrock/Inputs/PromptToolConfigurationArgs.cs +++ b/sdk/dotnet/Bedrock/Inputs/PromptToolConfigurationArgs.cs @@ -19,14 +19,14 @@ public sealed class PromptToolConfigurationArgs : global::Pulumi.ResourceArgs public object? ToolChoice { get; set; } [Input("tools", required: true)] - private InputList? _tools; + private InputList>? _tools; /// /// List of Tools /// - public InputList Tools + public InputList> Tools { - get => _tools ?? (_tools = new InputList()); + get => _tools ?? (_tools = new InputList>()); set => _tools = value; } diff --git a/sdk/dotnet/Bedrock/Inputs/PromptVariantArgs.cs b/sdk/dotnet/Bedrock/Inputs/PromptVariantArgs.cs index e03b885c23..237b3de522 100644 --- a/sdk/dotnet/Bedrock/Inputs/PromptVariantArgs.cs +++ b/sdk/dotnet/Bedrock/Inputs/PromptVariantArgs.cs @@ -15,6 +15,12 @@ namespace Pulumi.AwsNative.Bedrock.Inputs /// public sealed class PromptVariantArgs : global::Pulumi.ResourceArgs { + /// + /// Contains model-specific inference configurations that aren't in the `inferenceConfiguration` field. To see model-specific inference parameters, see [Inference request parameters and response fields for foundation models](https://docs.aws.amazon.com/bedrock/latest/userguide/model-parameters.html) . + /// + [Input("additionalModelRequestFields")] + public Input? AdditionalModelRequestFields { get; set; } + /// /// Specifies a generative AI resource with which to use the prompt. /// diff --git a/sdk/dotnet/Bedrock/Outputs/PromptAdditionalModelRequestFields.cs b/sdk/dotnet/Bedrock/Outputs/PromptAdditionalModelRequestFields.cs new file mode 100644 index 0000000000..290226959f --- /dev/null +++ b/sdk/dotnet/Bedrock/Outputs/PromptAdditionalModelRequestFields.cs @@ -0,0 +1,24 @@ +// *** WARNING: this file was generated by pulumi. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AwsNative.Bedrock.Outputs +{ + + /// + /// Contains model-specific configurations + /// + [OutputType] + public sealed class PromptAdditionalModelRequestFields + { + [OutputConstructor] + private PromptAdditionalModelRequestFields() + { + } + } +} diff --git a/sdk/dotnet/Bedrock/Outputs/PromptCachePointBlock.cs b/sdk/dotnet/Bedrock/Outputs/PromptCachePointBlock.cs new file mode 100644 index 0000000000..869d7483e6 --- /dev/null +++ b/sdk/dotnet/Bedrock/Outputs/PromptCachePointBlock.cs @@ -0,0 +1,27 @@ +// *** WARNING: this file was generated by pulumi. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AwsNative.Bedrock.Outputs +{ + + /// + /// CachePointBlock + /// + [OutputType] + public sealed class PromptCachePointBlock + { + public readonly Pulumi.AwsNative.Bedrock.PromptCachePointType Type; + + [OutputConstructor] + private PromptCachePointBlock(Pulumi.AwsNative.Bedrock.PromptCachePointType type) + { + Type = type; + } + } +} diff --git a/sdk/dotnet/Bedrock/Outputs/PromptChatPromptTemplateConfiguration.cs b/sdk/dotnet/Bedrock/Outputs/PromptChatPromptTemplateConfiguration.cs index 678bcabcc8..005c63f5c3 100644 --- a/sdk/dotnet/Bedrock/Outputs/PromptChatPromptTemplateConfiguration.cs +++ b/sdk/dotnet/Bedrock/Outputs/PromptChatPromptTemplateConfiguration.cs @@ -27,7 +27,7 @@ public sealed class PromptChatPromptTemplateConfiguration /// /// Configuration for chat prompt template /// - public readonly ImmutableArray System; + public readonly ImmutableArray> System; public readonly Outputs.PromptToolConfiguration? ToolConfiguration; [OutputConstructor] @@ -36,7 +36,7 @@ private PromptChatPromptTemplateConfiguration( ImmutableArray messages, - ImmutableArray system, + ImmutableArray> system, Outputs.PromptToolConfiguration? toolConfiguration) { diff --git a/sdk/dotnet/Bedrock/Outputs/PromptContentBlockProperties.cs b/sdk/dotnet/Bedrock/Outputs/PromptContentBlock0Properties.cs similarity index 85% rename from sdk/dotnet/Bedrock/Outputs/PromptContentBlockProperties.cs rename to sdk/dotnet/Bedrock/Outputs/PromptContentBlock0Properties.cs index a7dea36d58..472e937156 100644 --- a/sdk/dotnet/Bedrock/Outputs/PromptContentBlockProperties.cs +++ b/sdk/dotnet/Bedrock/Outputs/PromptContentBlock0Properties.cs @@ -14,7 +14,7 @@ namespace Pulumi.AwsNative.Bedrock.Outputs /// Configuration for chat prompt template /// [OutputType] - public sealed class PromptContentBlockProperties + public sealed class PromptContentBlock0Properties { /// /// Configuration for chat prompt template @@ -22,7 +22,7 @@ public sealed class PromptContentBlockProperties public readonly string Text; [OutputConstructor] - private PromptContentBlockProperties(string text) + private PromptContentBlock0Properties(string text) { Text = text; } diff --git a/sdk/dotnet/Bedrock/Outputs/PromptContentBlock1Properties.cs b/sdk/dotnet/Bedrock/Outputs/PromptContentBlock1Properties.cs new file mode 100644 index 0000000000..c57d5004ec --- /dev/null +++ b/sdk/dotnet/Bedrock/Outputs/PromptContentBlock1Properties.cs @@ -0,0 +1,27 @@ +// *** WARNING: this file was generated by pulumi. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AwsNative.Bedrock.Outputs +{ + + /// + /// Configuration for chat prompt template + /// + [OutputType] + public sealed class PromptContentBlock1Properties + { + public readonly Outputs.PromptCachePointBlock CachePoint; + + [OutputConstructor] + private PromptContentBlock1Properties(Outputs.PromptCachePointBlock cachePoint) + { + CachePoint = cachePoint; + } + } +} diff --git a/sdk/dotnet/Bedrock/Outputs/PromptMessage.cs b/sdk/dotnet/Bedrock/Outputs/PromptMessage.cs index f4965e99da..d6795dd2a6 100644 --- a/sdk/dotnet/Bedrock/Outputs/PromptMessage.cs +++ b/sdk/dotnet/Bedrock/Outputs/PromptMessage.cs @@ -19,12 +19,12 @@ public sealed class PromptMessage /// /// List of Content Blocks /// - public readonly ImmutableArray Content; + public readonly ImmutableArray> Content; public readonly Pulumi.AwsNative.Bedrock.PromptConversationRole Role; [OutputConstructor] private PromptMessage( - ImmutableArray content, + ImmutableArray> content, Pulumi.AwsNative.Bedrock.PromptConversationRole role) { diff --git a/sdk/dotnet/Bedrock/Outputs/PromptVersionContentBlockProperties.cs b/sdk/dotnet/Bedrock/Outputs/PromptSystemContentBlock0Properties.cs similarity index 83% rename from sdk/dotnet/Bedrock/Outputs/PromptVersionContentBlockProperties.cs rename to sdk/dotnet/Bedrock/Outputs/PromptSystemContentBlock0Properties.cs index 8ad228f009..ca48c96902 100644 --- a/sdk/dotnet/Bedrock/Outputs/PromptVersionContentBlockProperties.cs +++ b/sdk/dotnet/Bedrock/Outputs/PromptSystemContentBlock0Properties.cs @@ -14,7 +14,7 @@ namespace Pulumi.AwsNative.Bedrock.Outputs /// Configuration for chat prompt template /// [OutputType] - public sealed class PromptVersionContentBlockProperties + public sealed class PromptSystemContentBlock0Properties { /// /// Configuration for chat prompt template @@ -22,7 +22,7 @@ public sealed class PromptVersionContentBlockProperties public readonly string Text; [OutputConstructor] - private PromptVersionContentBlockProperties(string text) + private PromptSystemContentBlock0Properties(string text) { Text = text; } diff --git a/sdk/dotnet/Bedrock/Outputs/PromptSystemContentBlock1Properties.cs b/sdk/dotnet/Bedrock/Outputs/PromptSystemContentBlock1Properties.cs new file mode 100644 index 0000000000..4b8ff3045d --- /dev/null +++ b/sdk/dotnet/Bedrock/Outputs/PromptSystemContentBlock1Properties.cs @@ -0,0 +1,27 @@ +// *** WARNING: this file was generated by pulumi. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AwsNative.Bedrock.Outputs +{ + + /// + /// Configuration for chat prompt template + /// + [OutputType] + public sealed class PromptSystemContentBlock1Properties + { + public readonly Outputs.PromptCachePointBlock CachePoint; + + [OutputConstructor] + private PromptSystemContentBlock1Properties(Outputs.PromptCachePointBlock cachePoint) + { + CachePoint = cachePoint; + } + } +} diff --git a/sdk/dotnet/Bedrock/Outputs/PromptTextPromptTemplateConfiguration.cs b/sdk/dotnet/Bedrock/Outputs/PromptTextPromptTemplateConfiguration.cs index 13c45ac01e..b8e59adf34 100644 --- a/sdk/dotnet/Bedrock/Outputs/PromptTextPromptTemplateConfiguration.cs +++ b/sdk/dotnet/Bedrock/Outputs/PromptTextPromptTemplateConfiguration.cs @@ -16,6 +16,7 @@ namespace Pulumi.AwsNative.Bedrock.Outputs [OutputType] public sealed class PromptTextPromptTemplateConfiguration { + public readonly Outputs.PromptCachePointBlock? CachePoint; /// /// List of input variables /// @@ -28,12 +29,15 @@ public sealed class PromptTextPromptTemplateConfiguration [OutputConstructor] private PromptTextPromptTemplateConfiguration( + Outputs.PromptCachePointBlock? cachePoint, + ImmutableArray inputVariables, string? text, Outputs.PromptTextS3Location? textS3Location) { + CachePoint = cachePoint; InputVariables = inputVariables; Text = text; TextS3Location = textS3Location; diff --git a/sdk/dotnet/Bedrock/Outputs/PromptToolProperties.cs b/sdk/dotnet/Bedrock/Outputs/PromptTool0Properties.cs similarity index 81% rename from sdk/dotnet/Bedrock/Outputs/PromptToolProperties.cs rename to sdk/dotnet/Bedrock/Outputs/PromptTool0Properties.cs index 7c6e180e19..3d26f5f012 100644 --- a/sdk/dotnet/Bedrock/Outputs/PromptToolProperties.cs +++ b/sdk/dotnet/Bedrock/Outputs/PromptTool0Properties.cs @@ -14,12 +14,12 @@ namespace Pulumi.AwsNative.Bedrock.Outputs /// Tool details /// [OutputType] - public sealed class PromptToolProperties + public sealed class PromptTool0Properties { public readonly Outputs.PromptToolSpecification ToolSpec; [OutputConstructor] - private PromptToolProperties(Outputs.PromptToolSpecification toolSpec) + private PromptTool0Properties(Outputs.PromptToolSpecification toolSpec) { ToolSpec = toolSpec; } diff --git a/sdk/dotnet/Bedrock/Outputs/PromptTool1Properties.cs b/sdk/dotnet/Bedrock/Outputs/PromptTool1Properties.cs new file mode 100644 index 0000000000..9eee27a2c3 --- /dev/null +++ b/sdk/dotnet/Bedrock/Outputs/PromptTool1Properties.cs @@ -0,0 +1,27 @@ +// *** WARNING: this file was generated by pulumi. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AwsNative.Bedrock.Outputs +{ + + /// + /// Tool details + /// + [OutputType] + public sealed class PromptTool1Properties + { + public readonly Outputs.PromptCachePointBlock CachePoint; + + [OutputConstructor] + private PromptTool1Properties(Outputs.PromptCachePointBlock cachePoint) + { + CachePoint = cachePoint; + } + } +} diff --git a/sdk/dotnet/Bedrock/Outputs/PromptToolConfiguration.cs b/sdk/dotnet/Bedrock/Outputs/PromptToolConfiguration.cs index 2d207bbf26..f439996ee6 100644 --- a/sdk/dotnet/Bedrock/Outputs/PromptToolConfiguration.cs +++ b/sdk/dotnet/Bedrock/Outputs/PromptToolConfiguration.cs @@ -20,13 +20,13 @@ public sealed class PromptToolConfiguration /// /// List of Tools /// - public readonly ImmutableArray Tools; + public readonly ImmutableArray> Tools; [OutputConstructor] private PromptToolConfiguration( object? toolChoice, - ImmutableArray tools) + ImmutableArray> tools) { ToolChoice = toolChoice; Tools = tools; diff --git a/sdk/dotnet/Bedrock/Outputs/PromptVariant.cs b/sdk/dotnet/Bedrock/Outputs/PromptVariant.cs index e5170140ae..0536a9871b 100644 --- a/sdk/dotnet/Bedrock/Outputs/PromptVariant.cs +++ b/sdk/dotnet/Bedrock/Outputs/PromptVariant.cs @@ -16,6 +16,10 @@ namespace Pulumi.AwsNative.Bedrock.Outputs [OutputType] public sealed class PromptVariant { + /// + /// Contains model-specific inference configurations that aren't in the `inferenceConfiguration` field. To see model-specific inference parameters, see [Inference request parameters and response fields for foundation models](https://docs.aws.amazon.com/bedrock/latest/userguide/model-parameters.html) . + /// + public readonly Outputs.PromptAdditionalModelRequestFields? AdditionalModelRequestFields; /// /// Specifies a generative AI resource with which to use the prompt. /// @@ -43,6 +47,8 @@ public sealed class PromptVariant [OutputConstructor] private PromptVariant( + Outputs.PromptAdditionalModelRequestFields? additionalModelRequestFields, + Outputs.PromptGenAiResourceProperties? genAiResource, Outputs.PromptInferenceConfigurationProperties? inferenceConfiguration, @@ -55,6 +61,7 @@ private PromptVariant( Pulumi.AwsNative.Bedrock.PromptTemplateType templateType) { + AdditionalModelRequestFields = additionalModelRequestFields; GenAiResource = genAiResource; InferenceConfiguration = inferenceConfiguration; ModelId = modelId; diff --git a/sdk/dotnet/Bedrock/Outputs/PromptVersionAdditionalModelRequestFields.cs b/sdk/dotnet/Bedrock/Outputs/PromptVersionAdditionalModelRequestFields.cs new file mode 100644 index 0000000000..07f9b42a38 --- /dev/null +++ b/sdk/dotnet/Bedrock/Outputs/PromptVersionAdditionalModelRequestFields.cs @@ -0,0 +1,24 @@ +// *** WARNING: this file was generated by pulumi. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AwsNative.Bedrock.Outputs +{ + + /// + /// Contains model-specific configurations + /// + [OutputType] + public sealed class PromptVersionAdditionalModelRequestFields + { + [OutputConstructor] + private PromptVersionAdditionalModelRequestFields() + { + } + } +} diff --git a/sdk/dotnet/Bedrock/Outputs/PromptVersionCachePointBlock.cs b/sdk/dotnet/Bedrock/Outputs/PromptVersionCachePointBlock.cs new file mode 100644 index 0000000000..6ae0fa586c --- /dev/null +++ b/sdk/dotnet/Bedrock/Outputs/PromptVersionCachePointBlock.cs @@ -0,0 +1,27 @@ +// *** WARNING: this file was generated by pulumi. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AwsNative.Bedrock.Outputs +{ + + /// + /// CachePointBlock + /// + [OutputType] + public sealed class PromptVersionCachePointBlock + { + public readonly Pulumi.AwsNative.Bedrock.PromptVersionCachePointType Type; + + [OutputConstructor] + private PromptVersionCachePointBlock(Pulumi.AwsNative.Bedrock.PromptVersionCachePointType type) + { + Type = type; + } + } +} diff --git a/sdk/dotnet/Bedrock/Outputs/PromptVersionChatPromptTemplateConfiguration.cs b/sdk/dotnet/Bedrock/Outputs/PromptVersionChatPromptTemplateConfiguration.cs index fcb0c55345..74bccd5117 100644 --- a/sdk/dotnet/Bedrock/Outputs/PromptVersionChatPromptTemplateConfiguration.cs +++ b/sdk/dotnet/Bedrock/Outputs/PromptVersionChatPromptTemplateConfiguration.cs @@ -27,7 +27,7 @@ public sealed class PromptVersionChatPromptTemplateConfiguration /// /// Configuration for chat prompt template /// - public readonly ImmutableArray System; + public readonly ImmutableArray> System; public readonly Outputs.PromptVersionToolConfiguration? ToolConfiguration; [OutputConstructor] @@ -36,7 +36,7 @@ private PromptVersionChatPromptTemplateConfiguration( ImmutableArray messages, - ImmutableArray system, + ImmutableArray> system, Outputs.PromptVersionToolConfiguration? toolConfiguration) { diff --git a/sdk/dotnet/Bedrock/Outputs/PromptSystemContentBlockProperties.cs b/sdk/dotnet/Bedrock/Outputs/PromptVersionContentBlock0Properties.cs similarity index 83% rename from sdk/dotnet/Bedrock/Outputs/PromptSystemContentBlockProperties.cs rename to sdk/dotnet/Bedrock/Outputs/PromptVersionContentBlock0Properties.cs index 8f21933e3c..8982cbc93b 100644 --- a/sdk/dotnet/Bedrock/Outputs/PromptSystemContentBlockProperties.cs +++ b/sdk/dotnet/Bedrock/Outputs/PromptVersionContentBlock0Properties.cs @@ -14,7 +14,7 @@ namespace Pulumi.AwsNative.Bedrock.Outputs /// Configuration for chat prompt template /// [OutputType] - public sealed class PromptSystemContentBlockProperties + public sealed class PromptVersionContentBlock0Properties { /// /// Configuration for chat prompt template @@ -22,7 +22,7 @@ public sealed class PromptSystemContentBlockProperties public readonly string Text; [OutputConstructor] - private PromptSystemContentBlockProperties(string text) + private PromptVersionContentBlock0Properties(string text) { Text = text; } diff --git a/sdk/dotnet/Bedrock/Outputs/PromptVersionContentBlock1Properties.cs b/sdk/dotnet/Bedrock/Outputs/PromptVersionContentBlock1Properties.cs new file mode 100644 index 0000000000..9519677549 --- /dev/null +++ b/sdk/dotnet/Bedrock/Outputs/PromptVersionContentBlock1Properties.cs @@ -0,0 +1,27 @@ +// *** WARNING: this file was generated by pulumi. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AwsNative.Bedrock.Outputs +{ + + /// + /// Configuration for chat prompt template + /// + [OutputType] + public sealed class PromptVersionContentBlock1Properties + { + public readonly Outputs.PromptVersionCachePointBlock CachePoint; + + [OutputConstructor] + private PromptVersionContentBlock1Properties(Outputs.PromptVersionCachePointBlock cachePoint) + { + CachePoint = cachePoint; + } + } +} diff --git a/sdk/dotnet/Bedrock/Outputs/PromptVersionMessage.cs b/sdk/dotnet/Bedrock/Outputs/PromptVersionMessage.cs index dc6ec33bb6..0c24f944eb 100644 --- a/sdk/dotnet/Bedrock/Outputs/PromptVersionMessage.cs +++ b/sdk/dotnet/Bedrock/Outputs/PromptVersionMessage.cs @@ -19,12 +19,12 @@ public sealed class PromptVersionMessage /// /// List of Content Blocks /// - public readonly ImmutableArray Content; + public readonly ImmutableArray> Content; public readonly Pulumi.AwsNative.Bedrock.PromptVersionConversationRole Role; [OutputConstructor] private PromptVersionMessage( - ImmutableArray content, + ImmutableArray> content, Pulumi.AwsNative.Bedrock.PromptVersionConversationRole role) { diff --git a/sdk/dotnet/Bedrock/Outputs/PromptVersionPromptVariant.cs b/sdk/dotnet/Bedrock/Outputs/PromptVersionPromptVariant.cs index 8f6d67797d..021aa2ed2d 100644 --- a/sdk/dotnet/Bedrock/Outputs/PromptVersionPromptVariant.cs +++ b/sdk/dotnet/Bedrock/Outputs/PromptVersionPromptVariant.cs @@ -16,6 +16,10 @@ namespace Pulumi.AwsNative.Bedrock.Outputs [OutputType] public sealed class PromptVersionPromptVariant { + /// + /// Contains model-specific inference configurations that aren't in the `inferenceConfiguration` field. To see model-specific inference parameters, see [Inference request parameters and response fields for foundation models](https://docs.aws.amazon.com/bedrock/latest/userguide/model-parameters.html) . + /// + public readonly Outputs.PromptVersionAdditionalModelRequestFields? AdditionalModelRequestFields; /// /// Specifies a generative AI resource with which to use the prompt. /// @@ -43,6 +47,8 @@ public sealed class PromptVersionPromptVariant [OutputConstructor] private PromptVersionPromptVariant( + Outputs.PromptVersionAdditionalModelRequestFields? additionalModelRequestFields, + Outputs.PromptVersionPromptGenAiResourceProperties? genAiResource, Outputs.PromptVersionPromptInferenceConfigurationProperties? inferenceConfiguration, @@ -55,6 +61,7 @@ private PromptVersionPromptVariant( Pulumi.AwsNative.Bedrock.PromptVersionPromptTemplateType templateType) { + AdditionalModelRequestFields = additionalModelRequestFields; GenAiResource = genAiResource; InferenceConfiguration = inferenceConfiguration; ModelId = modelId; diff --git a/sdk/dotnet/Bedrock/Outputs/PromptVersionSystemContentBlockProperties.cs b/sdk/dotnet/Bedrock/Outputs/PromptVersionSystemContentBlock0Properties.cs similarity index 82% rename from sdk/dotnet/Bedrock/Outputs/PromptVersionSystemContentBlockProperties.cs rename to sdk/dotnet/Bedrock/Outputs/PromptVersionSystemContentBlock0Properties.cs index 4c4fa65013..6f1e25da40 100644 --- a/sdk/dotnet/Bedrock/Outputs/PromptVersionSystemContentBlockProperties.cs +++ b/sdk/dotnet/Bedrock/Outputs/PromptVersionSystemContentBlock0Properties.cs @@ -14,7 +14,7 @@ namespace Pulumi.AwsNative.Bedrock.Outputs /// Configuration for chat prompt template /// [OutputType] - public sealed class PromptVersionSystemContentBlockProperties + public sealed class PromptVersionSystemContentBlock0Properties { /// /// Configuration for chat prompt template @@ -22,7 +22,7 @@ public sealed class PromptVersionSystemContentBlockProperties public readonly string Text; [OutputConstructor] - private PromptVersionSystemContentBlockProperties(string text) + private PromptVersionSystemContentBlock0Properties(string text) { Text = text; } diff --git a/sdk/dotnet/Bedrock/Outputs/PromptVersionSystemContentBlock1Properties.cs b/sdk/dotnet/Bedrock/Outputs/PromptVersionSystemContentBlock1Properties.cs new file mode 100644 index 0000000000..1c46f3d392 --- /dev/null +++ b/sdk/dotnet/Bedrock/Outputs/PromptVersionSystemContentBlock1Properties.cs @@ -0,0 +1,27 @@ +// *** WARNING: this file was generated by pulumi. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AwsNative.Bedrock.Outputs +{ + + /// + /// Configuration for chat prompt template + /// + [OutputType] + public sealed class PromptVersionSystemContentBlock1Properties + { + public readonly Outputs.PromptVersionCachePointBlock CachePoint; + + [OutputConstructor] + private PromptVersionSystemContentBlock1Properties(Outputs.PromptVersionCachePointBlock cachePoint) + { + CachePoint = cachePoint; + } + } +} diff --git a/sdk/dotnet/Bedrock/Outputs/PromptVersionTextPromptTemplateConfiguration.cs b/sdk/dotnet/Bedrock/Outputs/PromptVersionTextPromptTemplateConfiguration.cs index bed8dc6cf5..fba7004486 100644 --- a/sdk/dotnet/Bedrock/Outputs/PromptVersionTextPromptTemplateConfiguration.cs +++ b/sdk/dotnet/Bedrock/Outputs/PromptVersionTextPromptTemplateConfiguration.cs @@ -16,6 +16,7 @@ namespace Pulumi.AwsNative.Bedrock.Outputs [OutputType] public sealed class PromptVersionTextPromptTemplateConfiguration { + public readonly Outputs.PromptVersionCachePointBlock? CachePoint; /// /// List of input variables /// @@ -27,10 +28,13 @@ public sealed class PromptVersionTextPromptTemplateConfiguration [OutputConstructor] private PromptVersionTextPromptTemplateConfiguration( + Outputs.PromptVersionCachePointBlock? cachePoint, + ImmutableArray inputVariables, string text) { + CachePoint = cachePoint; InputVariables = inputVariables; Text = text; } diff --git a/sdk/dotnet/Bedrock/Outputs/PromptVersionToolProperties.cs b/sdk/dotnet/Bedrock/Outputs/PromptVersionTool0Properties.cs similarity index 79% rename from sdk/dotnet/Bedrock/Outputs/PromptVersionToolProperties.cs rename to sdk/dotnet/Bedrock/Outputs/PromptVersionTool0Properties.cs index da19f463ad..ac25c2729b 100644 --- a/sdk/dotnet/Bedrock/Outputs/PromptVersionToolProperties.cs +++ b/sdk/dotnet/Bedrock/Outputs/PromptVersionTool0Properties.cs @@ -14,12 +14,12 @@ namespace Pulumi.AwsNative.Bedrock.Outputs /// Tool details /// [OutputType] - public sealed class PromptVersionToolProperties + public sealed class PromptVersionTool0Properties { public readonly Outputs.PromptVersionToolSpecification ToolSpec; [OutputConstructor] - private PromptVersionToolProperties(Outputs.PromptVersionToolSpecification toolSpec) + private PromptVersionTool0Properties(Outputs.PromptVersionToolSpecification toolSpec) { ToolSpec = toolSpec; } diff --git a/sdk/dotnet/Bedrock/Outputs/PromptVersionTool1Properties.cs b/sdk/dotnet/Bedrock/Outputs/PromptVersionTool1Properties.cs new file mode 100644 index 0000000000..00b291c7a2 --- /dev/null +++ b/sdk/dotnet/Bedrock/Outputs/PromptVersionTool1Properties.cs @@ -0,0 +1,27 @@ +// *** WARNING: this file was generated by pulumi. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AwsNative.Bedrock.Outputs +{ + + /// + /// Tool details + /// + [OutputType] + public sealed class PromptVersionTool1Properties + { + public readonly Outputs.PromptVersionCachePointBlock CachePoint; + + [OutputConstructor] + private PromptVersionTool1Properties(Outputs.PromptVersionCachePointBlock cachePoint) + { + CachePoint = cachePoint; + } + } +} diff --git a/sdk/dotnet/Bedrock/Outputs/PromptVersionToolConfiguration.cs b/sdk/dotnet/Bedrock/Outputs/PromptVersionToolConfiguration.cs index 686155ee04..704d267744 100644 --- a/sdk/dotnet/Bedrock/Outputs/PromptVersionToolConfiguration.cs +++ b/sdk/dotnet/Bedrock/Outputs/PromptVersionToolConfiguration.cs @@ -20,13 +20,13 @@ public sealed class PromptVersionToolConfiguration /// /// List of Tools /// - public readonly ImmutableArray Tools; + public readonly ImmutableArray> Tools; [OutputConstructor] private PromptVersionToolConfiguration( object? toolChoice, - ImmutableArray tools) + ImmutableArray> tools) { ToolChoice = toolChoice; Tools = tools; diff --git a/sdk/dotnet/Cognito/GetUserPoolDomain.cs b/sdk/dotnet/Cognito/GetUserPoolDomain.cs index af69954152..c2091168a5 100644 --- a/sdk/dotnet/Cognito/GetUserPoolDomain.cs +++ b/sdk/dotnet/Cognito/GetUserPoolDomain.cs @@ -34,10 +34,16 @@ public static Output Invoke(GetUserPoolDomainInvokeArgs public sealed class GetUserPoolDomainArgs : global::Pulumi.InvokeArgs { /// - /// The resource ID. + /// The name of the domain that you want to update. For custom domains, this is the fully-qualified domain name, for example `auth.example.com` . For prefix domains, this is the prefix alone, such as `myprefix` . /// - [Input("id", required: true)] - public string Id { get; set; } = null!; + [Input("domain", required: true)] + public string Domain { get; set; } = null!; + + /// + /// The ID of the user pool that is associated with the domain you're updating. + /// + [Input("userPoolId", required: true)] + public string UserPoolId { get; set; } = null!; public GetUserPoolDomainArgs() { @@ -48,10 +54,16 @@ public GetUserPoolDomainArgs() public sealed class GetUserPoolDomainInvokeArgs : global::Pulumi.InvokeArgs { /// - /// The resource ID. + /// The name of the domain that you want to update. For custom domains, this is the fully-qualified domain name, for example `auth.example.com` . For prefix domains, this is the prefix alone, such as `myprefix` . + /// + [Input("domain", required: true)] + public Input Domain { get; set; } = null!; + + /// + /// The ID of the user pool that is associated with the domain you're updating. /// - [Input("id", required: true)] - public Input Id { get; set; } = null!; + [Input("userPoolId", required: true)] + public Input UserPoolId { get; set; } = null!; public GetUserPoolDomainInvokeArgs() { @@ -73,29 +85,15 @@ public sealed class GetUserPoolDomainResult /// When you create a custom domain, the passkey RP ID defaults to the custom domain. If you had a prefix domain active, this will cause passkey integration for your prefix domain to stop working due to a mismatch in RP ID. To keep the prefix domain passkey integration working, you can explicitly set RP ID to the prefix domain. /// public readonly Outputs.UserPoolDomainCustomDomainConfigType? CustomDomainConfig; - /// - /// The resource ID. - /// - public readonly string? Id; - /// - /// A version number that indicates the state of managed login for your domain. Version `1` is hosted UI (classic). Version `2` is the newer managed login with the branding designer. For more information, see [Managed login](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-managed-login.html) . - /// - public readonly int? ManagedLoginVersion; [OutputConstructor] private GetUserPoolDomainResult( string? cloudFrontDistribution, - Outputs.UserPoolDomainCustomDomainConfigType? customDomainConfig, - - string? id, - - int? managedLoginVersion) + Outputs.UserPoolDomainCustomDomainConfigType? customDomainConfig) { CloudFrontDistribution = cloudFrontDistribution; CustomDomainConfig = customDomainConfig; - Id = id; - ManagedLoginVersion = managedLoginVersion; } } } diff --git a/sdk/dotnet/Cognito/UserPoolDomain.cs b/sdk/dotnet/Cognito/UserPoolDomain.cs index bb252c7e17..c7c1627177 100644 --- a/sdk/dotnet/Cognito/UserPoolDomain.cs +++ b/sdk/dotnet/Cognito/UserPoolDomain.cs @@ -15,12 +15,6 @@ namespace Pulumi.AwsNative.Cognito [AwsNativeResourceType("aws-native:cognito:UserPoolDomain")] public partial class UserPoolDomain : global::Pulumi.CustomResource { - /// - /// The resource ID. - /// - [Output("awsId")] - public Output AwsId { get; private set; } = null!; - /// /// The Amazon CloudFront endpoint that you use as the target of the alias that you set up with your Domain Name Service (DNS) provider. /// diff --git a/sdk/dotnet/Connect/ContactFlowVersion.cs b/sdk/dotnet/Connect/ContactFlowVersion.cs new file mode 100644 index 0000000000..d7df685af4 --- /dev/null +++ b/sdk/dotnet/Connect/ContactFlowVersion.cs @@ -0,0 +1,115 @@ +// *** WARNING: this file was generated by pulumi. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AwsNative.Connect +{ + /// + /// Resource Type Definition for ContactFlowVersion + /// + [AwsNativeResourceType("aws-native:connect:ContactFlowVersion")] + public partial class ContactFlowVersion : global::Pulumi.CustomResource + { + /// + /// The ARN of the contact flow this version is tied to. + /// + [Output("contactFlowId")] + public Output ContactFlowId { get; private set; } = null!; + + /// + /// The identifier of the contact flow version (ARN). + /// + [Output("contactFlowVersionArn")] + public Output ContactFlowVersionArn { get; private set; } = null!; + + /// + /// The description of the version. + /// + [Output("description")] + public Output Description { get; private set; } = null!; + + /// + /// Indicates the checksum value of the latest published flow content + /// + [Output("flowContentSha256")] + public Output FlowContentSha256 { get; private set; } = null!; + + /// + /// The version number of this revision + /// + [Output("version")] + public Output Version { get; private set; } = null!; + + + /// + /// Create a ContactFlowVersion resource with the given unique name, arguments, and options. + /// + /// + /// The unique name of the resource + /// The arguments used to populate this resource's properties + /// A bag of options that control this resource's behavior + public ContactFlowVersion(string name, ContactFlowVersionArgs args, CustomResourceOptions? options = null) + : base("aws-native:connect:ContactFlowVersion", name, args ?? new ContactFlowVersionArgs(), MakeResourceOptions(options, "")) + { + } + + private ContactFlowVersion(string name, Input id, CustomResourceOptions? options = null) + : base("aws-native:connect:ContactFlowVersion", name, null, MakeResourceOptions(options, id)) + { + } + + private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? options, Input? id) + { + var defaultOptions = new CustomResourceOptions + { + Version = Utilities.Version, + ReplaceOnChanges = + { + "contactFlowId", + "description", + }, + }; + var merged = CustomResourceOptions.Merge(defaultOptions, options); + // Override the ID if one was specified for consistency with other language SDKs. + merged.Id = id ?? merged.Id; + return merged; + } + /// + /// Get an existing ContactFlowVersion resource's state with the given name, ID, and optional extra + /// properties used to qualify the lookup. + /// + /// + /// The unique name of the resulting resource. + /// The unique provider ID of the resource to lookup. + /// A bag of options that control this resource's behavior + public static ContactFlowVersion Get(string name, Input id, CustomResourceOptions? options = null) + { + return new ContactFlowVersion(name, id, options); + } + } + + public sealed class ContactFlowVersionArgs : global::Pulumi.ResourceArgs + { + /// + /// The ARN of the contact flow this version is tied to. + /// + [Input("contactFlowId", required: true)] + public Input ContactFlowId { get; set; } = null!; + + /// + /// The description of the version. + /// + [Input("description")] + public Input? Description { get; set; } + + public ContactFlowVersionArgs() + { + } + public static new ContactFlowVersionArgs Empty => new ContactFlowVersionArgs(); + } +} diff --git a/sdk/dotnet/Connect/GetContactFlowVersion.cs b/sdk/dotnet/Connect/GetContactFlowVersion.cs new file mode 100644 index 0000000000..b4b1a4c8e4 --- /dev/null +++ b/sdk/dotnet/Connect/GetContactFlowVersion.cs @@ -0,0 +1,92 @@ +// *** WARNING: this file was generated by pulumi. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AwsNative.Connect +{ + public static class GetContactFlowVersion + { + /// + /// Resource Type Definition for ContactFlowVersion + /// + public static Task InvokeAsync(GetContactFlowVersionArgs args, InvokeOptions? options = null) + => global::Pulumi.Deployment.Instance.InvokeAsync("aws-native:connect:getContactFlowVersion", args ?? new GetContactFlowVersionArgs(), options.WithDefaults()); + + /// + /// Resource Type Definition for ContactFlowVersion + /// + public static Output Invoke(GetContactFlowVersionInvokeArgs args, InvokeOptions? options = null) + => global::Pulumi.Deployment.Instance.Invoke("aws-native:connect:getContactFlowVersion", args ?? new GetContactFlowVersionInvokeArgs(), options.WithDefaults()); + + /// + /// Resource Type Definition for ContactFlowVersion + /// + public static Output Invoke(GetContactFlowVersionInvokeArgs args, InvokeOutputOptions options) + => global::Pulumi.Deployment.Instance.Invoke("aws-native:connect:getContactFlowVersion", args ?? new GetContactFlowVersionInvokeArgs(), options.WithDefaults()); + } + + + public sealed class GetContactFlowVersionArgs : global::Pulumi.InvokeArgs + { + /// + /// The identifier of the contact flow version (ARN). + /// + [Input("contactFlowVersionArn", required: true)] + public string ContactFlowVersionArn { get; set; } = null!; + + public GetContactFlowVersionArgs() + { + } + public static new GetContactFlowVersionArgs Empty => new GetContactFlowVersionArgs(); + } + + public sealed class GetContactFlowVersionInvokeArgs : global::Pulumi.InvokeArgs + { + /// + /// The identifier of the contact flow version (ARN). + /// + [Input("contactFlowVersionArn", required: true)] + public Input ContactFlowVersionArn { get; set; } = null!; + + public GetContactFlowVersionInvokeArgs() + { + } + public static new GetContactFlowVersionInvokeArgs Empty => new GetContactFlowVersionInvokeArgs(); + } + + + [OutputType] + public sealed class GetContactFlowVersionResult + { + /// + /// The identifier of the contact flow version (ARN). + /// + public readonly string? ContactFlowVersionArn; + /// + /// Indicates the checksum value of the latest published flow content + /// + public readonly string? FlowContentSha256; + /// + /// The version number of this revision + /// + public readonly int? Version; + + [OutputConstructor] + private GetContactFlowVersionResult( + string? contactFlowVersionArn, + + string? flowContentSha256, + + int? version) + { + ContactFlowVersionArn = contactFlowVersionArn; + FlowContentSha256 = flowContentSha256; + Version = version; + } + } +} diff --git a/sdk/dotnet/DataSync/Enums.cs b/sdk/dotnet/DataSync/Enums.cs index 74ab43f40f..f5d2964c00 100644 --- a/sdk/dotnet/DataSync/Enums.cs +++ b/sdk/dotnet/DataSync/Enums.cs @@ -457,6 +457,37 @@ private LocationS3S3StorageClass(string value) public override string ToString() => _value; } + /// + /// The authentication mode used to determine identity of user. + /// + [EnumType] + public readonly struct LocationSmbAuthenticationType : IEquatable + { + private readonly string _value; + + private LocationSmbAuthenticationType(string value) + { + _value = value ?? throw new ArgumentNullException(nameof(value)); + } + + public static LocationSmbAuthenticationType Ntlm { get; } = new LocationSmbAuthenticationType("NTLM"); + public static LocationSmbAuthenticationType Kerberos { get; } = new LocationSmbAuthenticationType("KERBEROS"); + + public static bool operator ==(LocationSmbAuthenticationType left, LocationSmbAuthenticationType right) => left.Equals(right); + public static bool operator !=(LocationSmbAuthenticationType left, LocationSmbAuthenticationType right) => !left.Equals(right); + + public static explicit operator string(LocationSmbAuthenticationType value) => value._value; + + [EditorBrowsable(EditorBrowsableState.Never)] + public override bool Equals(object? obj) => obj is LocationSmbAuthenticationType other && Equals(other); + public bool Equals(LocationSmbAuthenticationType other) => string.Equals(_value, other._value, StringComparison.Ordinal); + + [EditorBrowsable(EditorBrowsableState.Never)] + public override int GetHashCode() => _value?.GetHashCode() ?? 0; + + public override string ToString() => _value; + } + /// /// The specific SMB version that you want DataSync to use to mount your SMB share. /// diff --git a/sdk/dotnet/DataSync/GetLocationSmb.cs b/sdk/dotnet/DataSync/GetLocationSmb.cs index cf670a57e3..94f44ca8f6 100644 --- a/sdk/dotnet/DataSync/GetLocationSmb.cs +++ b/sdk/dotnet/DataSync/GetLocationSmb.cs @@ -68,10 +68,22 @@ public sealed class GetLocationSmbResult /// public readonly ImmutableArray AgentArns; /// + /// The authentication mode used to determine identity of user. + /// + public readonly Pulumi.AwsNative.DataSync.LocationSmbAuthenticationType? AuthenticationType; + /// + /// Specifies the IPv4 addresses for the DNS servers that your SMB file server belongs to. This parameter applies only if AuthenticationType is set to KERBEROS. If you have multiple domains in your environment, configuring this parameter makes sure that DataSync connects to the right SMB file server. + /// + public readonly ImmutableArray DnsIpAddresses; + /// /// The name of the Windows domain that the SMB server belongs to. /// public readonly string? Domain; /// + /// Specifies a service principal name (SPN), which is an identity in your Kerberos realm that has permission to access the files, folders, and file metadata in your SMB file server. SPNs are case sensitive and must include a prepended cifs/. For example, an SPN might look like cifs/kerberosuser@EXAMPLE.COM. Your task execution will fail if the SPN that you provide for this parameter doesn't match exactly what's in your keytab or krb5.conf files. + /// + public readonly string? KerberosPrincipal; + /// /// The Amazon Resource Name (ARN) of the SMB location that is created. /// public readonly string? LocationArn; @@ -96,8 +108,14 @@ public sealed class GetLocationSmbResult private GetLocationSmbResult( ImmutableArray agentArns, + Pulumi.AwsNative.DataSync.LocationSmbAuthenticationType? authenticationType, + + ImmutableArray dnsIpAddresses, + string? domain, + string? kerberosPrincipal, + string? locationArn, string? locationUri, @@ -109,7 +127,10 @@ private GetLocationSmbResult( string? user) { AgentArns = agentArns; + AuthenticationType = authenticationType; + DnsIpAddresses = dnsIpAddresses; Domain = domain; + KerberosPrincipal = kerberosPrincipal; LocationArn = locationArn; LocationUri = locationUri; MountOptions = mountOptions; diff --git a/sdk/dotnet/DataSync/LocationSmb.cs b/sdk/dotnet/DataSync/LocationSmb.cs index 675dc68096..3c3c1b0e98 100644 --- a/sdk/dotnet/DataSync/LocationSmb.cs +++ b/sdk/dotnet/DataSync/LocationSmb.cs @@ -21,12 +21,42 @@ public partial class LocationSmb : global::Pulumi.CustomResource [Output("agentArns")] public Output> AgentArns { get; private set; } = null!; + /// + /// The authentication mode used to determine identity of user. + /// + [Output("authenticationType")] + public Output AuthenticationType { get; private set; } = null!; + + /// + /// Specifies the IPv4 addresses for the DNS servers that your SMB file server belongs to. This parameter applies only if AuthenticationType is set to KERBEROS. If you have multiple domains in your environment, configuring this parameter makes sure that DataSync connects to the right SMB file server. + /// + [Output("dnsIpAddresses")] + public Output> DnsIpAddresses { get; private set; } = null!; + /// /// The name of the Windows domain that the SMB server belongs to. /// [Output("domain")] public Output Domain { get; private set; } = null!; + /// + /// The Base64 string representation of the Keytab file. Specifies your Kerberos key table (keytab) file, which includes mappings between your service principal name (SPN) and encryption keys. To avoid task execution errors, make sure that the SPN in the keytab file matches exactly what you specify for KerberosPrincipal and in your krb5.conf file. + /// + [Output("kerberosKeytab")] + public Output KerberosKeytab { get; private set; } = null!; + + /// + /// The string representation of the Krb5Conf file, or the presigned URL to access the Krb5.conf file within an S3 bucket. Specifies a Kerberos configuration file (krb5.conf) that defines your Kerberos realm configuration. To avoid task execution errors, make sure that the service principal name (SPN) in the krb5.conf file matches exactly what you specify for KerberosPrincipal and in your keytab file. + /// + [Output("kerberosKrb5Conf")] + public Output KerberosKrb5Conf { get; private set; } = null!; + + /// + /// Specifies a service principal name (SPN), which is an identity in your Kerberos realm that has permission to access the files, folders, and file metadata in your SMB file server. SPNs are case sensitive and must include a prepended cifs/. For example, an SPN might look like cifs/kerberosuser@EXAMPLE.COM. Your task execution will fail if the SPN that you provide for this parameter doesn't match exactly what's in your keytab or krb5.conf files. + /// + [Output("kerberosPrincipal")] + public Output KerberosPrincipal { get; private set; } = null!; + /// /// The Amazon Resource Name (ARN) of the SMB location that is created. /// @@ -73,7 +103,7 @@ public partial class LocationSmb : global::Pulumi.CustomResource /// The user who can mount the share, has the permissions to access files and folders in the SMB share. /// [Output("user")] - public Output User { get; private set; } = null!; + public Output User { get; private set; } = null!; /// @@ -98,10 +128,6 @@ private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? var defaultOptions = new CustomResourceOptions { Version = Utilities.Version, - ReplaceOnChanges = - { - "serverHostname", - }, }; var merged = CustomResourceOptions.Merge(defaultOptions, options); // Override the ID if one was specified for consistency with other language SDKs. @@ -136,12 +162,48 @@ public InputList AgentArns set => _agentArns = value; } + /// + /// The authentication mode used to determine identity of user. + /// + [Input("authenticationType")] + public Input? AuthenticationType { get; set; } + + [Input("dnsIpAddresses")] + private InputList? _dnsIpAddresses; + + /// + /// Specifies the IPv4 addresses for the DNS servers that your SMB file server belongs to. This parameter applies only if AuthenticationType is set to KERBEROS. If you have multiple domains in your environment, configuring this parameter makes sure that DataSync connects to the right SMB file server. + /// + public InputList DnsIpAddresses + { + get => _dnsIpAddresses ?? (_dnsIpAddresses = new InputList()); + set => _dnsIpAddresses = value; + } + /// /// The name of the Windows domain that the SMB server belongs to. /// [Input("domain")] public Input? Domain { get; set; } + /// + /// The Base64 string representation of the Keytab file. Specifies your Kerberos key table (keytab) file, which includes mappings between your service principal name (SPN) and encryption keys. To avoid task execution errors, make sure that the SPN in the keytab file matches exactly what you specify for KerberosPrincipal and in your krb5.conf file. + /// + [Input("kerberosKeytab")] + public Input? KerberosKeytab { get; set; } + + /// + /// The string representation of the Krb5Conf file, or the presigned URL to access the Krb5.conf file within an S3 bucket. Specifies a Kerberos configuration file (krb5.conf) that defines your Kerberos realm configuration. To avoid task execution errors, make sure that the service principal name (SPN) in the krb5.conf file matches exactly what you specify for KerberosPrincipal and in your keytab file. + /// + [Input("kerberosKrb5Conf")] + public Input? KerberosKrb5Conf { get; set; } + + /// + /// Specifies a service principal name (SPN), which is an identity in your Kerberos realm that has permission to access the files, folders, and file metadata in your SMB file server. SPNs are case sensitive and must include a prepended cifs/. For example, an SPN might look like cifs/kerberosuser@EXAMPLE.COM. Your task execution will fail if the SPN that you provide for this parameter doesn't match exactly what's in your keytab or krb5.conf files. + /// + [Input("kerberosPrincipal")] + public Input? KerberosPrincipal { get; set; } + /// /// Specifies the version of the SMB protocol that DataSync uses to access your SMB file server. /// @@ -181,8 +243,8 @@ public InputList Tags /// /// The user who can mount the share, has the permissions to access files and folders in the SMB share. /// - [Input("user", required: true)] - public Input User { get; set; } = null!; + [Input("user")] + public Input? User { get; set; } public LocationSmbArgs() { diff --git a/sdk/dotnet/Ecs/Cluster.cs b/sdk/dotnet/Ecs/Cluster.cs index ea48d49343..f8893738b1 100644 --- a/sdk/dotnet/Ecs/Cluster.cs +++ b/sdk/dotnet/Ecs/Cluster.cs @@ -37,7 +37,9 @@ public partial class Cluster : global::Pulumi.CustomResource public Output ClusterName { get; private set; } = null!; /// - /// The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights for a cluster. + /// The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights with enhanced observability or CloudWatch Container Insights for a cluster. + /// Container Insights with enhanced observability provides all the Container Insights metrics, plus additional task and container metrics. This version supports enhanced observability for Amazon ECS clusters using the Amazon EC2 and Fargate launch types. After you configure Container Insights with enhanced observability on Amazon ECS, Container Insights auto-collects detailed infrastructure telemetry from the cluster level down to the container level in your environment and displays these critical performance data in curated dashboards removing the heavy lifting in observability set-up. + /// For more information, see [Monitor Amazon ECS containers using Container Insights with enhanced observability](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cloudwatch-container-insights.html) in the *Amazon Elastic Container Service Developer Guide*. /// [Output("clusterSettings")] public Output> ClusterSettings { get; private set; } = null!; @@ -149,7 +151,9 @@ public InputList CapacityProviders private InputList? _clusterSettings; /// - /// The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights for a cluster. + /// The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights with enhanced observability or CloudWatch Container Insights for a cluster. + /// Container Insights with enhanced observability provides all the Container Insights metrics, plus additional task and container metrics. This version supports enhanced observability for Amazon ECS clusters using the Amazon EC2 and Fargate launch types. After you configure Container Insights with enhanced observability on Amazon ECS, Container Insights auto-collects detailed infrastructure telemetry from the cluster level down to the container level in your environment and displays these critical performance data in curated dashboards removing the heavy lifting in observability set-up. + /// For more information, see [Monitor Amazon ECS containers using Container Insights with enhanced observability](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cloudwatch-container-insights.html) in the *Amazon Elastic Container Service Developer Guide*. /// public InputList ClusterSettings { diff --git a/sdk/dotnet/Ecs/GetCluster.cs b/sdk/dotnet/Ecs/GetCluster.cs index 85a7260616..57eb86972e 100644 --- a/sdk/dotnet/Ecs/GetCluster.cs +++ b/sdk/dotnet/Ecs/GetCluster.cs @@ -75,7 +75,9 @@ public sealed class GetClusterResult /// public readonly ImmutableArray CapacityProviders; /// - /// The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights for a cluster. + /// The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights with enhanced observability or CloudWatch Container Insights for a cluster. + /// Container Insights with enhanced observability provides all the Container Insights metrics, plus additional task and container metrics. This version supports enhanced observability for Amazon ECS clusters using the Amazon EC2 and Fargate launch types. After you configure Container Insights with enhanced observability on Amazon ECS, Container Insights auto-collects detailed infrastructure telemetry from the cluster level down to the container level in your environment and displays these critical performance data in curated dashboards removing the heavy lifting in observability set-up. + /// For more information, see [Monitor Amazon ECS containers using Container Insights with enhanced observability](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cloudwatch-container-insights.html) in the *Amazon Elastic Container Service Developer Guide*. /// public readonly ImmutableArray ClusterSettings; /// diff --git a/sdk/dotnet/Ecs/Inputs/ClusterSettingsArgs.cs b/sdk/dotnet/Ecs/Inputs/ClusterSettingsArgs.cs index 2874c07d20..5a54a1ec4f 100644 --- a/sdk/dotnet/Ecs/Inputs/ClusterSettingsArgs.cs +++ b/sdk/dotnet/Ecs/Inputs/ClusterSettingsArgs.cs @@ -11,7 +11,9 @@ namespace Pulumi.AwsNative.Ecs.Inputs { /// - /// The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights for a cluster. + /// The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights with enhanced observability or CloudWatch Container Insights for a cluster. + /// Container Insights with enhanced observability provides all the Container Insights metrics, plus additional task and container metrics. This version supports enhanced observability for Amazon ECS clusters using the Amazon EC2 and Fargate launch types. After you configure Container Insights with enhanced observability on Amazon ECS, Container Insights auto-collects detailed infrastructure telemetry from the cluster level down to the container level in your environment and displays these critical performance data in curated dashboards removing the heavy lifting in observability set-up. + /// For more information, see [Monitor Amazon ECS containers using Container Insights with enhanced observability](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cloudwatch-container-insights.html) in the *Amazon Elastic Container Service Developer Guide*. /// public sealed class ClusterSettingsArgs : global::Pulumi.ResourceArgs { @@ -22,8 +24,10 @@ public sealed class ClusterSettingsArgs : global::Pulumi.ResourceArgs public Input? Name { get; set; } /// - /// The value to set for the cluster setting. The supported values are ``enabled`` and ``disabled``. - /// If you set ``name`` to ``containerInsights`` and ``value`` to ``enabled``, CloudWatch Container Insights will be on for the cluster, otherwise it will be off unless the ``containerInsights`` account setting is turned on. If a cluster value is specified, it will override the ``containerInsights`` value set with [PutAccountSetting](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSetting.html) or [PutAccountSettingDefault](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSettingDefault.html). + /// The value to set for the cluster setting. The supported values are ``enhanced``, ``enabled``, and ``disabled``. + /// To use Container Insights with enhanced observability, set the ``containerInsights`` account setting to ``enhanced``. + /// To use Container Insights, set the ``containerInsights`` account setting to ``enabled``. + /// If a cluster value is specified, it will override the ``containerInsights`` value set with [PutAccountSetting](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSetting.html) or [PutAccountSettingDefault](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSettingDefault.html). /// [Input("value")] public Input? Value { get; set; } diff --git a/sdk/dotnet/Ecs/Outputs/ClusterSettings.cs b/sdk/dotnet/Ecs/Outputs/ClusterSettings.cs index e2bf6a7438..e40ad340fb 100644 --- a/sdk/dotnet/Ecs/Outputs/ClusterSettings.cs +++ b/sdk/dotnet/Ecs/Outputs/ClusterSettings.cs @@ -11,7 +11,9 @@ namespace Pulumi.AwsNative.Ecs.Outputs { /// - /// The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights for a cluster. + /// The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights with enhanced observability or CloudWatch Container Insights for a cluster. + /// Container Insights with enhanced observability provides all the Container Insights metrics, plus additional task and container metrics. This version supports enhanced observability for Amazon ECS clusters using the Amazon EC2 and Fargate launch types. After you configure Container Insights with enhanced observability on Amazon ECS, Container Insights auto-collects detailed infrastructure telemetry from the cluster level down to the container level in your environment and displays these critical performance data in curated dashboards removing the heavy lifting in observability set-up. + /// For more information, see [Monitor Amazon ECS containers using Container Insights with enhanced observability](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cloudwatch-container-insights.html) in the *Amazon Elastic Container Service Developer Guide*. /// [OutputType] public sealed class ClusterSettings @@ -21,8 +23,10 @@ public sealed class ClusterSettings /// public readonly string? Name; /// - /// The value to set for the cluster setting. The supported values are ``enabled`` and ``disabled``. - /// If you set ``name`` to ``containerInsights`` and ``value`` to ``enabled``, CloudWatch Container Insights will be on for the cluster, otherwise it will be off unless the ``containerInsights`` account setting is turned on. If a cluster value is specified, it will override the ``containerInsights`` value set with [PutAccountSetting](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSetting.html) or [PutAccountSettingDefault](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSettingDefault.html). + /// The value to set for the cluster setting. The supported values are ``enhanced``, ``enabled``, and ``disabled``. + /// To use Container Insights with enhanced observability, set the ``containerInsights`` account setting to ``enhanced``. + /// To use Container Insights, set the ``containerInsights`` account setting to ``enabled``. + /// If a cluster value is specified, it will override the ``containerInsights`` value set with [PutAccountSetting](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSetting.html) or [PutAccountSettingDefault](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSettingDefault.html). /// public readonly string? Value; diff --git a/sdk/dotnet/Efs/GetMountTarget.cs b/sdk/dotnet/Efs/GetMountTarget.cs index 2bc20fe934..18ea9ad3a2 100644 --- a/sdk/dotnet/Efs/GetMountTarget.cs +++ b/sdk/dotnet/Efs/GetMountTarget.cs @@ -74,7 +74,7 @@ public sealed class GetMountTargetResult /// public readonly string? Id; /// - /// Up to five VPC security group IDs, of the form ``sg-xxxxxxxx``. These must be for the same VPC as subnet specified. + /// VPC security group IDs, of the form ``sg-xxxxxxxx``. These must be for the same VPC as the subnet specified. The maximum number of security groups depends on account quota. For more information, see [Amazon VPC Quotas](https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html) in the *Amazon VPC User Guide* (see the *Security Groups* table). /// public readonly ImmutableArray SecurityGroups; diff --git a/sdk/dotnet/Efs/MountTarget.cs b/sdk/dotnet/Efs/MountTarget.cs index 467d0132a0..8bb39b1ed3 100644 --- a/sdk/dotnet/Efs/MountTarget.cs +++ b/sdk/dotnet/Efs/MountTarget.cs @@ -36,7 +36,7 @@ public partial class MountTarget : global::Pulumi.CustomResource public Output IpAddress { get; private set; } = null!; /// - /// Up to five VPC security group IDs, of the form ``sg-xxxxxxxx``. These must be for the same VPC as subnet specified. + /// VPC security group IDs, of the form ``sg-xxxxxxxx``. These must be for the same VPC as the subnet specified. The maximum number of security groups depends on account quota. For more information, see [Amazon VPC Quotas](https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html) in the *Amazon VPC User Guide* (see the *Security Groups* table). /// [Output("securityGroups")] public Output> SecurityGroups { get; private set; } = null!; @@ -114,7 +114,7 @@ public sealed class MountTargetArgs : global::Pulumi.ResourceArgs private InputList? _securityGroups; /// - /// Up to five VPC security group IDs, of the form ``sg-xxxxxxxx``. These must be for the same VPC as subnet specified. + /// VPC security group IDs, of the form ``sg-xxxxxxxx``. These must be for the same VPC as the subnet specified. The maximum number of security groups depends on account quota. For more information, see [Amazon VPC Quotas](https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html) in the *Amazon VPC User Guide* (see the *Security Groups* table). /// public InputList SecurityGroups { diff --git a/sdk/dotnet/EmrContainers/GetVirtualCluster.cs b/sdk/dotnet/EmrContainers/GetVirtualCluster.cs index f95bdafe58..33ecf058a4 100644 --- a/sdk/dotnet/EmrContainers/GetVirtualCluster.cs +++ b/sdk/dotnet/EmrContainers/GetVirtualCluster.cs @@ -72,6 +72,10 @@ public sealed class GetVirtualClusterResult /// public readonly string? Id; /// + /// The ID of the security configuration. + /// + public readonly string? SecurityConfigurationId; + /// /// An array of key-value pairs to apply to this virtual cluster. /// public readonly ImmutableArray Tags; @@ -82,10 +86,13 @@ private GetVirtualClusterResult( string? id, + string? securityConfigurationId, + ImmutableArray tags) { Arn = arn; Id = id; + SecurityConfigurationId = securityConfigurationId; Tags = tags; } } diff --git a/sdk/dotnet/EmrContainers/VirtualCluster.cs b/sdk/dotnet/EmrContainers/VirtualCluster.cs index 5f68bb0911..09ad22cc42 100644 --- a/sdk/dotnet/EmrContainers/VirtualCluster.cs +++ b/sdk/dotnet/EmrContainers/VirtualCluster.cs @@ -125,6 +125,12 @@ public partial class VirtualCluster : global::Pulumi.CustomResource [Output("name")] public Output Name { get; private set; } = null!; + /// + /// The ID of the security configuration. + /// + [Output("securityConfigurationId")] + public Output SecurityConfigurationId { get; private set; } = null!; + /// /// An array of key-value pairs to apply to this virtual cluster. /// @@ -193,6 +199,12 @@ public sealed class VirtualClusterArgs : global::Pulumi.ResourceArgs [Input("name")] public Input? Name { get; set; } + /// + /// The ID of the security configuration. + /// + [Input("securityConfigurationId")] + public Input? SecurityConfigurationId { get; set; } + [Input("tags")] private InputList? _tags; diff --git a/sdk/dotnet/Fms/GetPolicy.cs b/sdk/dotnet/Fms/GetPolicy.cs index 7ff00dfc12..5a45fcaf9a 100644 --- a/sdk/dotnet/Fms/GetPolicy.cs +++ b/sdk/dotnet/Fms/GetPolicy.cs @@ -156,7 +156,7 @@ public sealed class GetPolicyResult /// /// This contains the following settings: /// - /// - Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting AWS Support . + /// - Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting . /// /// Valid values: `DNS_FIREWALL` | `NETWORK_FIREWALL` | `SECURITY_GROUPS_COMMON` | `SECURITY_GROUPS_CONTENT_AUDIT` | `SECURITY_GROUPS_USAGE_AUDIT` | `SHIELD_ADVANCED` | `THIRD_PARTY_FIREWALL` | `WAFV2` | `WAF` /// - ManagedServiceData - Details about the service that are specific to the service type, in JSON format. diff --git a/sdk/dotnet/Fms/Inputs/PolicySecurityServicePolicyDataArgs.cs b/sdk/dotnet/Fms/Inputs/PolicySecurityServicePolicyDataArgs.cs index 9f6060b837..c27bbf26ec 100644 --- a/sdk/dotnet/Fms/Inputs/PolicySecurityServicePolicyDataArgs.cs +++ b/sdk/dotnet/Fms/Inputs/PolicySecurityServicePolicyDataArgs.cs @@ -107,7 +107,7 @@ public sealed class PolicySecurityServicePolicyDataArgs : global::Pulumi.Resourc public Input? PolicyOption { get; set; } /// - /// The service that the policy is using to protect the resources. This specifies the type of policy that is created, either an AWS WAF policy, a Shield Advanced policy, or a security group policy. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting AWS Support . + /// The service that the policy is using to protect the resources. This specifies the type of policy that is created, either an AWS WAF policy, a Shield Advanced policy, or a security group policy. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting SUPlong . /// [Input("type", required: true)] public Input Type { get; set; } = null!; diff --git a/sdk/dotnet/Fms/Outputs/PolicySecurityServicePolicyData.cs b/sdk/dotnet/Fms/Outputs/PolicySecurityServicePolicyData.cs index b6328fa093..2c9eb35193 100644 --- a/sdk/dotnet/Fms/Outputs/PolicySecurityServicePolicyData.cs +++ b/sdk/dotnet/Fms/Outputs/PolicySecurityServicePolicyData.cs @@ -104,7 +104,7 @@ public sealed class PolicySecurityServicePolicyData /// public readonly Outputs.PolicyOption? PolicyOption; /// - /// The service that the policy is using to protect the resources. This specifies the type of policy that is created, either an AWS WAF policy, a Shield Advanced policy, or a security group policy. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting AWS Support . + /// The service that the policy is using to protect the resources. This specifies the type of policy that is created, either an AWS WAF policy, a Shield Advanced policy, or a security group policy. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting SUPlong . /// public readonly Pulumi.AwsNative.Fms.PolicyType Type; diff --git a/sdk/dotnet/Fms/Policy.cs b/sdk/dotnet/Fms/Policy.cs index 11d6fccdf2..26596e4d23 100644 --- a/sdk/dotnet/Fms/Policy.cs +++ b/sdk/dotnet/Fms/Policy.cs @@ -155,7 +155,7 @@ public partial class Policy : global::Pulumi.CustomResource /// /// This contains the following settings: /// - /// - Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting AWS Support . + /// - Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting . /// /// Valid values: `DNS_FIREWALL` | `NETWORK_FIREWALL` | `SECURITY_GROUPS_COMMON` | `SECURITY_GROUPS_CONTENT_AUDIT` | `SECURITY_GROUPS_USAGE_AUDIT` | `SHIELD_ADVANCED` | `THIRD_PARTY_FIREWALL` | `WAFV2` | `WAF` /// - ManagedServiceData - Details about the service that are specific to the service type, in JSON format. @@ -439,7 +439,7 @@ public InputList ResourceTypeList /// /// This contains the following settings: /// - /// - Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting AWS Support . + /// - Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting . /// /// Valid values: `DNS_FIREWALL` | `NETWORK_FIREWALL` | `SECURITY_GROUPS_COMMON` | `SECURITY_GROUPS_CONTENT_AUDIT` | `SECURITY_GROUPS_USAGE_AUDIT` | `SHIELD_ADVANCED` | `THIRD_PARTY_FIREWALL` | `WAFV2` | `WAF` /// - ManagedServiceData - Details about the service that are specific to the service type, in JSON format. diff --git a/sdk/dotnet/Glue/Inputs/CrawlerHudiTargetArgs.cs b/sdk/dotnet/Glue/Inputs/CrawlerHudiTargetArgs.cs new file mode 100644 index 0000000000..9595f6e706 --- /dev/null +++ b/sdk/dotnet/Glue/Inputs/CrawlerHudiTargetArgs.cs @@ -0,0 +1,59 @@ +// *** WARNING: this file was generated by pulumi. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AwsNative.Glue.Inputs +{ + + /// + /// Specifies Apache Hudi data store targets. + /// + public sealed class CrawlerHudiTargetArgs : global::Pulumi.ResourceArgs + { + /// + /// The name of the connection to use to connect to the Hudi target. + /// + [Input("connectionName")] + public Input? ConnectionName { get; set; } + + [Input("exclusions")] + private InputList? _exclusions; + + /// + /// A list of global patterns used to exclude from the crawl. + /// + public InputList Exclusions + { + get => _exclusions ?? (_exclusions = new InputList()); + set => _exclusions = value; + } + + /// + /// The maximum depth of Amazon S3 paths that the crawler can traverse to discover the Hudi metadata folder in your Amazon S3 path. Used to limit the crawler run time. + /// + [Input("maximumTraversalDepth")] + public Input? MaximumTraversalDepth { get; set; } + + [Input("paths")] + private InputList? _paths; + + /// + /// One or more Amazon S3 paths that contains Hudi metadata folders as s3://bucket/prefix . + /// + public InputList Paths + { + get => _paths ?? (_paths = new InputList()); + set => _paths = value; + } + + public CrawlerHudiTargetArgs() + { + } + public static new CrawlerHudiTargetArgs Empty => new CrawlerHudiTargetArgs(); + } +} diff --git a/sdk/dotnet/Glue/Inputs/CrawlerTargetsArgs.cs b/sdk/dotnet/Glue/Inputs/CrawlerTargetsArgs.cs index 0d15c09dd3..b57356cbb4 100644 --- a/sdk/dotnet/Glue/Inputs/CrawlerTargetsArgs.cs +++ b/sdk/dotnet/Glue/Inputs/CrawlerTargetsArgs.cs @@ -51,6 +51,18 @@ public InputList DynamoDbTargets set => _dynamoDbTargets = value; } + [Input("hudiTargets")] + private InputList? _hudiTargets; + + /// + /// Specifies Apache Hudi data store targets. + /// + public InputList HudiTargets + { + get => _hudiTargets ?? (_hudiTargets = new InputList()); + set => _hudiTargets = value; + } + [Input("icebergTargets")] private InputList? _icebergTargets; diff --git a/sdk/dotnet/Glue/Outputs/CrawlerHudiTarget.cs b/sdk/dotnet/Glue/Outputs/CrawlerHudiTarget.cs new file mode 100644 index 0000000000..c1db009f30 --- /dev/null +++ b/sdk/dotnet/Glue/Outputs/CrawlerHudiTarget.cs @@ -0,0 +1,52 @@ +// *** WARNING: this file was generated by pulumi. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AwsNative.Glue.Outputs +{ + + /// + /// Specifies Apache Hudi data store targets. + /// + [OutputType] + public sealed class CrawlerHudiTarget + { + /// + /// The name of the connection to use to connect to the Hudi target. + /// + public readonly string? ConnectionName; + /// + /// A list of global patterns used to exclude from the crawl. + /// + public readonly ImmutableArray Exclusions; + /// + /// The maximum depth of Amazon S3 paths that the crawler can traverse to discover the Hudi metadata folder in your Amazon S3 path. Used to limit the crawler run time. + /// + public readonly int? MaximumTraversalDepth; + /// + /// One or more Amazon S3 paths that contains Hudi metadata folders as s3://bucket/prefix . + /// + public readonly ImmutableArray Paths; + + [OutputConstructor] + private CrawlerHudiTarget( + string? connectionName, + + ImmutableArray exclusions, + + int? maximumTraversalDepth, + + ImmutableArray paths) + { + ConnectionName = connectionName; + Exclusions = exclusions; + MaximumTraversalDepth = maximumTraversalDepth; + Paths = paths; + } + } +} diff --git a/sdk/dotnet/Glue/Outputs/CrawlerTargets.cs b/sdk/dotnet/Glue/Outputs/CrawlerTargets.cs index 9d2e713bb0..ab366a090e 100644 --- a/sdk/dotnet/Glue/Outputs/CrawlerTargets.cs +++ b/sdk/dotnet/Glue/Outputs/CrawlerTargets.cs @@ -29,6 +29,10 @@ public sealed class CrawlerTargets /// public readonly ImmutableArray DynamoDbTargets; /// + /// Specifies Apache Hudi data store targets. + /// + public readonly ImmutableArray HudiTargets; + /// /// Specifies Apache Iceberg data store targets. /// public readonly ImmutableArray IcebergTargets; @@ -53,6 +57,8 @@ private CrawlerTargets( ImmutableArray dynamoDbTargets, + ImmutableArray hudiTargets, + ImmutableArray icebergTargets, ImmutableArray jdbcTargets, @@ -64,6 +70,7 @@ private CrawlerTargets( CatalogTargets = catalogTargets; DeltaTargets = deltaTargets; DynamoDbTargets = dynamoDbTargets; + HudiTargets = hudiTargets; IcebergTargets = icebergTargets; JdbcTargets = jdbcTargets; MongoDbTargets = mongoDbTargets; diff --git a/sdk/dotnet/GroundStation/DataflowEndpointGroup.cs b/sdk/dotnet/GroundStation/DataflowEndpointGroup.cs index 2123508601..a677384b94 100644 --- a/sdk/dotnet/GroundStation/DataflowEndpointGroup.cs +++ b/sdk/dotnet/GroundStation/DataflowEndpointGroup.cs @@ -121,6 +121,12 @@ private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? var defaultOptions = new CustomResourceOptions { Version = Utilities.Version, + ReplaceOnChanges = + { + "contactPostPassDurationSeconds", + "contactPrePassDurationSeconds", + "endpointDetails[*]", + }, }; var merged = CustomResourceOptions.Merge(defaultOptions, options); // Override the ID if one was specified for consistency with other language SDKs. diff --git a/sdk/dotnet/GroundStation/GetDataflowEndpointGroup.cs b/sdk/dotnet/GroundStation/GetDataflowEndpointGroup.cs index ebfe41a53c..381af85ec1 100644 --- a/sdk/dotnet/GroundStation/GetDataflowEndpointGroup.cs +++ b/sdk/dotnet/GroundStation/GetDataflowEndpointGroup.cs @@ -68,18 +68,6 @@ public sealed class GetDataflowEndpointGroupResult /// public readonly string? Arn; /// - /// Amount of time, in seconds, after a contact ends that the Ground Station Dataflow Endpoint Group will be in a POSTPASS state. A Ground Station Dataflow Endpoint Group State Change event will be emitted when the Dataflow Endpoint Group enters and exits the POSTPASS state. - /// - public readonly int? ContactPostPassDurationSeconds; - /// - /// Amount of time, in seconds, before a contact starts that the Ground Station Dataflow Endpoint Group will be in a PREPASS state. A Ground Station Dataflow Endpoint Group State Change event will be emitted when the Dataflow Endpoint Group enters and exits the PREPASS state. - /// - public readonly int? ContactPrePassDurationSeconds; - /// - /// List of Endpoint Details, containing address and port for each endpoint. - /// - public readonly ImmutableArray EndpointDetails; - /// /// UUID of a dataflow endpoint group. /// public readonly string? Id; @@ -92,20 +80,11 @@ public sealed class GetDataflowEndpointGroupResult private GetDataflowEndpointGroupResult( string? arn, - int? contactPostPassDurationSeconds, - - int? contactPrePassDurationSeconds, - - ImmutableArray endpointDetails, - string? id, ImmutableArray tags) { Arn = arn; - ContactPostPassDurationSeconds = contactPostPassDurationSeconds; - ContactPrePassDurationSeconds = contactPrePassDurationSeconds; - EndpointDetails = endpointDetails; Id = id; Tags = tags; } diff --git a/sdk/dotnet/GroundStation/Inputs/MissionProfileStreamsKmsKeyArgs.cs b/sdk/dotnet/GroundStation/Inputs/MissionProfileStreamsKmsKeyArgs.cs index 9d6debeb11..d0873f929b 100644 --- a/sdk/dotnet/GroundStation/Inputs/MissionProfileStreamsKmsKeyArgs.cs +++ b/sdk/dotnet/GroundStation/Inputs/MissionProfileStreamsKmsKeyArgs.cs @@ -18,6 +18,9 @@ public sealed class MissionProfileStreamsKmsKeyArgs : global::Pulumi.ResourceArg [Input("kmsAliasArn")] public Input? KmsAliasArn { get; set; } + [Input("kmsAliasName")] + public Input? KmsAliasName { get; set; } + /// /// KMS Key Arn. /// diff --git a/sdk/dotnet/GroundStation/Outputs/MissionProfileStreamsKmsKey.cs b/sdk/dotnet/GroundStation/Outputs/MissionProfileStreamsKmsKey.cs index 8b0181f7a8..6186f039e6 100644 --- a/sdk/dotnet/GroundStation/Outputs/MissionProfileStreamsKmsKey.cs +++ b/sdk/dotnet/GroundStation/Outputs/MissionProfileStreamsKmsKey.cs @@ -17,6 +17,7 @@ public sealed class MissionProfileStreamsKmsKey /// KMS Alias Arn. /// public readonly string? KmsAliasArn; + public readonly string? KmsAliasName; /// /// KMS Key Arn. /// @@ -26,9 +27,12 @@ public sealed class MissionProfileStreamsKmsKey private MissionProfileStreamsKmsKey( string? kmsAliasArn, + string? kmsAliasName, + string? kmsKeyArn) { KmsAliasArn = kmsAliasArn; + KmsAliasName = kmsAliasName; KmsKeyArn = kmsKeyArn; } } diff --git a/sdk/dotnet/S3ObjectLambda/Inputs/AccessPointTransformationConfigurationArgs.cs b/sdk/dotnet/S3ObjectLambda/Inputs/AccessPointTransformationConfigurationArgs.cs index 4f1fc62c04..f91d74fbc1 100644 --- a/sdk/dotnet/S3ObjectLambda/Inputs/AccessPointTransformationConfigurationArgs.cs +++ b/sdk/dotnet/S3ObjectLambda/Inputs/AccessPointTransformationConfigurationArgs.cs @@ -19,7 +19,7 @@ public sealed class AccessPointTransformationConfigurationArgs : global::Pulumi. private InputList? _actions; /// - /// A container for the action of an Object Lambda Access Point configuration. Valid inputs are `GetObject` , `HeadObject` , `ListObjects` , and `ListObjectsV2` . + /// A container for the action of an Object Lambda Access Point configuration. Valid inputs are `GetObject` , `HeadObject` , `ListObject` , and `ListObjectV2` . /// public InputList Actions { diff --git a/sdk/dotnet/S3ObjectLambda/Outputs/AccessPointTransformationConfiguration.cs b/sdk/dotnet/S3ObjectLambda/Outputs/AccessPointTransformationConfiguration.cs index 4fdae9fe27..c85200438f 100644 --- a/sdk/dotnet/S3ObjectLambda/Outputs/AccessPointTransformationConfiguration.cs +++ b/sdk/dotnet/S3ObjectLambda/Outputs/AccessPointTransformationConfiguration.cs @@ -17,7 +17,7 @@ namespace Pulumi.AwsNative.S3ObjectLambda.Outputs public sealed class AccessPointTransformationConfiguration { /// - /// A container for the action of an Object Lambda Access Point configuration. Valid inputs are `GetObject` , `HeadObject` , `ListObjects` , and `ListObjectsV2` . + /// A container for the action of an Object Lambda Access Point configuration. Valid inputs are `GetObject` , `HeadObject` , `ListObject` , and `ListObjectV2` . /// public readonly ImmutableArray Actions; /// diff --git a/sdk/dotnet/Transfer/GetWebApp.cs b/sdk/dotnet/Transfer/GetWebApp.cs new file mode 100644 index 0000000000..9e5d9c60a6 --- /dev/null +++ b/sdk/dotnet/Transfer/GetWebApp.cs @@ -0,0 +1,122 @@ +// *** WARNING: this file was generated by pulumi. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AwsNative.Transfer +{ + public static class GetWebApp + { + /// + /// Resource Type definition for AWS::Transfer::WebApp + /// + public static Task InvokeAsync(GetWebAppArgs args, InvokeOptions? options = null) + => global::Pulumi.Deployment.Instance.InvokeAsync("aws-native:transfer:getWebApp", args ?? new GetWebAppArgs(), options.WithDefaults()); + + /// + /// Resource Type definition for AWS::Transfer::WebApp + /// + public static Output Invoke(GetWebAppInvokeArgs args, InvokeOptions? options = null) + => global::Pulumi.Deployment.Instance.Invoke("aws-native:transfer:getWebApp", args ?? new GetWebAppInvokeArgs(), options.WithDefaults()); + + /// + /// Resource Type definition for AWS::Transfer::WebApp + /// + public static Output Invoke(GetWebAppInvokeArgs args, InvokeOutputOptions options) + => global::Pulumi.Deployment.Instance.Invoke("aws-native:transfer:getWebApp", args ?? new GetWebAppInvokeArgs(), options.WithDefaults()); + } + + + public sealed class GetWebAppArgs : global::Pulumi.InvokeArgs + { + /// + /// Specifies the unique Amazon Resource Name (ARN) for the web app. + /// + [Input("arn", required: true)] + public string Arn { get; set; } = null!; + + public GetWebAppArgs() + { + } + public static new GetWebAppArgs Empty => new GetWebAppArgs(); + } + + public sealed class GetWebAppInvokeArgs : global::Pulumi.InvokeArgs + { + /// + /// Specifies the unique Amazon Resource Name (ARN) for the web app. + /// + [Input("arn", required: true)] + public Input Arn { get; set; } = null!; + + public GetWebAppInvokeArgs() + { + } + public static new GetWebAppInvokeArgs Empty => new GetWebAppInvokeArgs(); + } + + + [OutputType] + public sealed class GetWebAppResult + { + /// + /// The AccessEndpoint is the URL that you provide to your users for them to interact with the Transfer Family web app. You can specify a custom URL or use the default value. + /// + public readonly string? AccessEndpoint; + /// + /// Specifies the unique Amazon Resource Name (ARN) for the web app. + /// + public readonly string? Arn; + /// + /// You can provide a structure that contains the details for the identity provider to use with your web app. + /// + /// For more details about this parameter, see [Configure your identity provider for Transfer Family web apps](https://docs.aws.amazon.com//transfer/latest/userguide/webapp-identity-center.html) . + /// + public readonly Outputs.WebAppIdentityProviderDetails? IdentityProviderDetails; + /// + /// Key-value pairs that can be used to group and search for web apps. + /// + public readonly ImmutableArray Tags; + /// + /// A structure that contains the customization fields for the web app. You can provide a title, logo, and icon to customize the appearance of your web app. + /// + public readonly Outputs.WebAppCustomization? WebAppCustomization; + /// + /// A unique identifier for the web app. + /// + public readonly string? WebAppId; + /// + /// A union that contains the value for number of concurrent connections or the user sessions on your web app. + /// + public readonly Outputs.WebAppUnitsProperties? WebAppUnits; + + [OutputConstructor] + private GetWebAppResult( + string? accessEndpoint, + + string? arn, + + Outputs.WebAppIdentityProviderDetails? identityProviderDetails, + + ImmutableArray tags, + + Outputs.WebAppCustomization? webAppCustomization, + + string? webAppId, + + Outputs.WebAppUnitsProperties? webAppUnits) + { + AccessEndpoint = accessEndpoint; + Arn = arn; + IdentityProviderDetails = identityProviderDetails; + Tags = tags; + WebAppCustomization = webAppCustomization; + WebAppId = webAppId; + WebAppUnits = webAppUnits; + } + } +} diff --git a/sdk/dotnet/Transfer/Inputs/WebAppCustomizationArgs.cs b/sdk/dotnet/Transfer/Inputs/WebAppCustomizationArgs.cs new file mode 100644 index 0000000000..460274789b --- /dev/null +++ b/sdk/dotnet/Transfer/Inputs/WebAppCustomizationArgs.cs @@ -0,0 +1,38 @@ +// *** WARNING: this file was generated by pulumi. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AwsNative.Transfer.Inputs +{ + + public sealed class WebAppCustomizationArgs : global::Pulumi.ResourceArgs + { + /// + /// Specifies a favicon to display in the browser tab. + /// + [Input("faviconFile")] + public Input? FaviconFile { get; set; } + + /// + /// Specifies a logo to display on the web app. + /// + [Input("logoFile")] + public Input? LogoFile { get; set; } + + /// + /// Specifies a title to display on the web app. + /// + [Input("title")] + public Input? Title { get; set; } + + public WebAppCustomizationArgs() + { + } + public static new WebAppCustomizationArgs Empty => new WebAppCustomizationArgs(); + } +} diff --git a/sdk/dotnet/Transfer/Inputs/WebAppIdentityProviderDetailsArgs.cs b/sdk/dotnet/Transfer/Inputs/WebAppIdentityProviderDetailsArgs.cs new file mode 100644 index 0000000000..5b4b414dec --- /dev/null +++ b/sdk/dotnet/Transfer/Inputs/WebAppIdentityProviderDetailsArgs.cs @@ -0,0 +1,41 @@ +// *** WARNING: this file was generated by pulumi. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AwsNative.Transfer.Inputs +{ + + /// + /// You can provide a structure that contains the details for the identity provider to use with your web app. + /// + public sealed class WebAppIdentityProviderDetailsArgs : global::Pulumi.ResourceArgs + { + /// + /// The Amazon Resource Name (ARN) for the IAM Identity Center application: this value is set automatically when you create your web app. + /// + [Input("applicationArn")] + public Input? ApplicationArn { get; set; } + + /// + /// The Amazon Resource Name (ARN) for the IAM Identity Center used for the web app. + /// + [Input("instanceArn")] + public Input? InstanceArn { get; set; } + + /// + /// The IAM role in IAM Identity Center used for the web app. + /// + [Input("role")] + public Input? Role { get; set; } + + public WebAppIdentityProviderDetailsArgs() + { + } + public static new WebAppIdentityProviderDetailsArgs Empty => new WebAppIdentityProviderDetailsArgs(); + } +} diff --git a/sdk/dotnet/Transfer/Inputs/WebAppUnitsPropertiesArgs.cs b/sdk/dotnet/Transfer/Inputs/WebAppUnitsPropertiesArgs.cs new file mode 100644 index 0000000000..e20085382b --- /dev/null +++ b/sdk/dotnet/Transfer/Inputs/WebAppUnitsPropertiesArgs.cs @@ -0,0 +1,26 @@ +// *** WARNING: this file was generated by pulumi. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AwsNative.Transfer.Inputs +{ + + /// + /// A union that contains the value for number of concurrent connections or the user sessions on your web app. + /// + public sealed class WebAppUnitsPropertiesArgs : global::Pulumi.ResourceArgs + { + [Input("provisioned", required: true)] + public Input Provisioned { get; set; } = null!; + + public WebAppUnitsPropertiesArgs() + { + } + public static new WebAppUnitsPropertiesArgs Empty => new WebAppUnitsPropertiesArgs(); + } +} diff --git a/sdk/dotnet/Transfer/Outputs/WebAppCustomization.cs b/sdk/dotnet/Transfer/Outputs/WebAppCustomization.cs new file mode 100644 index 0000000000..69ae7a824f --- /dev/null +++ b/sdk/dotnet/Transfer/Outputs/WebAppCustomization.cs @@ -0,0 +1,42 @@ +// *** WARNING: this file was generated by pulumi. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AwsNative.Transfer.Outputs +{ + + [OutputType] + public sealed class WebAppCustomization + { + /// + /// Specifies a favicon to display in the browser tab. + /// + public readonly string? FaviconFile; + /// + /// Specifies a logo to display on the web app. + /// + public readonly string? LogoFile; + /// + /// Specifies a title to display on the web app. + /// + public readonly string? Title; + + [OutputConstructor] + private WebAppCustomization( + string? faviconFile, + + string? logoFile, + + string? title) + { + FaviconFile = faviconFile; + LogoFile = logoFile; + Title = title; + } + } +} diff --git a/sdk/dotnet/Transfer/Outputs/WebAppIdentityProviderDetails.cs b/sdk/dotnet/Transfer/Outputs/WebAppIdentityProviderDetails.cs new file mode 100644 index 0000000000..ae540edb03 --- /dev/null +++ b/sdk/dotnet/Transfer/Outputs/WebAppIdentityProviderDetails.cs @@ -0,0 +1,45 @@ +// *** WARNING: this file was generated by pulumi. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AwsNative.Transfer.Outputs +{ + + /// + /// You can provide a structure that contains the details for the identity provider to use with your web app. + /// + [OutputType] + public sealed class WebAppIdentityProviderDetails + { + /// + /// The Amazon Resource Name (ARN) for the IAM Identity Center application: this value is set automatically when you create your web app. + /// + public readonly string? ApplicationArn; + /// + /// The Amazon Resource Name (ARN) for the IAM Identity Center used for the web app. + /// + public readonly string? InstanceArn; + /// + /// The IAM role in IAM Identity Center used for the web app. + /// + public readonly string? Role; + + [OutputConstructor] + private WebAppIdentityProviderDetails( + string? applicationArn, + + string? instanceArn, + + string? role) + { + ApplicationArn = applicationArn; + InstanceArn = instanceArn; + Role = role; + } + } +} diff --git a/sdk/dotnet/Transfer/Outputs/WebAppUnitsProperties.cs b/sdk/dotnet/Transfer/Outputs/WebAppUnitsProperties.cs new file mode 100644 index 0000000000..ff0dfcd476 --- /dev/null +++ b/sdk/dotnet/Transfer/Outputs/WebAppUnitsProperties.cs @@ -0,0 +1,27 @@ +// *** WARNING: this file was generated by pulumi. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AwsNative.Transfer.Outputs +{ + + /// + /// A union that contains the value for number of concurrent connections or the user sessions on your web app. + /// + [OutputType] + public sealed class WebAppUnitsProperties + { + public readonly int Provisioned; + + [OutputConstructor] + private WebAppUnitsProperties(int provisioned) + { + Provisioned = provisioned; + } + } +} diff --git a/sdk/dotnet/Transfer/WebApp.cs b/sdk/dotnet/Transfer/WebApp.cs new file mode 100644 index 0000000000..3bfc67125b --- /dev/null +++ b/sdk/dotnet/Transfer/WebApp.cs @@ -0,0 +1,154 @@ +// *** WARNING: this file was generated by pulumi. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +using System; +using System.Collections.Generic; +using System.Collections.Immutable; +using System.Threading.Tasks; +using Pulumi.Serialization; + +namespace Pulumi.AwsNative.Transfer +{ + /// + /// Resource Type definition for AWS::Transfer::WebApp + /// + [AwsNativeResourceType("aws-native:transfer:WebApp")] + public partial class WebApp : global::Pulumi.CustomResource + { + /// + /// The AccessEndpoint is the URL that you provide to your users for them to interact with the Transfer Family web app. You can specify a custom URL or use the default value. + /// + [Output("accessEndpoint")] + public Output AccessEndpoint { get; private set; } = null!; + + /// + /// Specifies the unique Amazon Resource Name (ARN) for the web app. + /// + [Output("arn")] + public Output Arn { get; private set; } = null!; + + /// + /// You can provide a structure that contains the details for the identity provider to use with your web app. + /// + /// For more details about this parameter, see [Configure your identity provider for Transfer Family web apps](https://docs.aws.amazon.com//transfer/latest/userguide/webapp-identity-center.html) . + /// + [Output("identityProviderDetails")] + public Output IdentityProviderDetails { get; private set; } = null!; + + /// + /// Key-value pairs that can be used to group and search for web apps. + /// + [Output("tags")] + public Output> Tags { get; private set; } = null!; + + /// + /// A structure that contains the customization fields for the web app. You can provide a title, logo, and icon to customize the appearance of your web app. + /// + [Output("webAppCustomization")] + public Output WebAppCustomization { get; private set; } = null!; + + /// + /// A unique identifier for the web app. + /// + [Output("webAppId")] + public Output WebAppId { get; private set; } = null!; + + /// + /// A union that contains the value for number of concurrent connections or the user sessions on your web app. + /// + [Output("webAppUnits")] + public Output WebAppUnits { get; private set; } = null!; + + + /// + /// Create a WebApp resource with the given unique name, arguments, and options. + /// + /// + /// The unique name of the resource + /// The arguments used to populate this resource's properties + /// A bag of options that control this resource's behavior + public WebApp(string name, WebAppArgs args, CustomResourceOptions? options = null) + : base("aws-native:transfer:WebApp", name, args ?? new WebAppArgs(), MakeResourceOptions(options, "")) + { + } + + private WebApp(string name, Input id, CustomResourceOptions? options = null) + : base("aws-native:transfer:WebApp", name, null, MakeResourceOptions(options, id)) + { + } + + private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? options, Input? id) + { + var defaultOptions = new CustomResourceOptions + { + Version = Utilities.Version, + ReplaceOnChanges = + { + "identityProviderDetails.instanceArn", + }, + }; + var merged = CustomResourceOptions.Merge(defaultOptions, options); + // Override the ID if one was specified for consistency with other language SDKs. + merged.Id = id ?? merged.Id; + return merged; + } + /// + /// Get an existing WebApp resource's state with the given name, ID, and optional extra + /// properties used to qualify the lookup. + /// + /// + /// The unique name of the resulting resource. + /// The unique provider ID of the resource to lookup. + /// A bag of options that control this resource's behavior + public static WebApp Get(string name, Input id, CustomResourceOptions? options = null) + { + return new WebApp(name, id, options); + } + } + + public sealed class WebAppArgs : global::Pulumi.ResourceArgs + { + /// + /// The AccessEndpoint is the URL that you provide to your users for them to interact with the Transfer Family web app. You can specify a custom URL or use the default value. + /// + [Input("accessEndpoint")] + public Input? AccessEndpoint { get; set; } + + /// + /// You can provide a structure that contains the details for the identity provider to use with your web app. + /// + /// For more details about this parameter, see [Configure your identity provider for Transfer Family web apps](https://docs.aws.amazon.com//transfer/latest/userguide/webapp-identity-center.html) . + /// + [Input("identityProviderDetails", required: true)] + public Input IdentityProviderDetails { get; set; } = null!; + + [Input("tags")] + private InputList? _tags; + + /// + /// Key-value pairs that can be used to group and search for web apps. + /// + public InputList Tags + { + get => _tags ?? (_tags = new InputList()); + set => _tags = value; + } + + /// + /// A structure that contains the customization fields for the web app. You can provide a title, logo, and icon to customize the appearance of your web app. + /// + [Input("webAppCustomization")] + public Input? WebAppCustomization { get; set; } + + /// + /// A union that contains the value for number of concurrent connections or the user sessions on your web app. + /// + [Input("webAppUnits")] + public Input? WebAppUnits { get; set; } + + public WebAppArgs() + { + } + public static new WebAppArgs Empty => new WebAppArgs(); + } +} diff --git a/sdk/go/aws/bedrock/agentAlias.go b/sdk/go/aws/bedrock/agentAlias.go index 089cec6e89..30eb9180a8 100644 --- a/sdk/go/aws/bedrock/agentAlias.go +++ b/sdk/go/aws/bedrock/agentAlias.go @@ -31,6 +31,7 @@ type AgentAlias struct { // - FAILED – The agent alias API operation failed. // - UPDATING – The agent alias is being updated. // - DELETING – The agent alias is being deleted. + // - DISSOCIATED - The agent alias has no version associated with it. AgentAliasStatus AgentAliasStatusOutput `pulumi:"agentAliasStatus"` // Identifier for a resource. AgentId pulumi.StringOutput `pulumi:"agentId"` @@ -192,6 +193,7 @@ func (o AgentAliasOutput) AgentAliasName() pulumi.StringOutput { // - FAILED – The agent alias API operation failed. // - UPDATING – The agent alias is being updated. // - DELETING – The agent alias is being deleted. +// - DISSOCIATED - The agent alias has no version associated with it. func (o AgentAliasOutput) AgentAliasStatus() AgentAliasStatusOutput { return o.ApplyT(func(v *AgentAlias) AgentAliasStatusOutput { return v.AgentAliasStatus }).(AgentAliasStatusOutput) } diff --git a/sdk/go/aws/bedrock/getAgentAlias.go b/sdk/go/aws/bedrock/getAgentAlias.go index ce4abad6fd..16d0dac809 100644 --- a/sdk/go/aws/bedrock/getAgentAlias.go +++ b/sdk/go/aws/bedrock/getAgentAlias.go @@ -45,6 +45,7 @@ type LookupAgentAliasResult struct { // - FAILED – The agent alias API operation failed. // - UPDATING – The agent alias is being updated. // - DELETING – The agent alias is being deleted. + // - DISSOCIATED - The agent alias has no version associated with it. AgentAliasStatus *AgentAliasStatus `pulumi:"agentAliasStatus"` // Time Stamp. CreatedAt *string `pulumi:"createdAt"` @@ -122,6 +123,7 @@ func (o LookupAgentAliasResultOutput) AgentAliasName() pulumi.StringPtrOutput { // - FAILED – The agent alias API operation failed. // - UPDATING – The agent alias is being updated. // - DELETING – The agent alias is being deleted. +// - DISSOCIATED - The agent alias has no version associated with it. func (o LookupAgentAliasResultOutput) AgentAliasStatus() AgentAliasStatusPtrOutput { return o.ApplyT(func(v LookupAgentAliasResult) *AgentAliasStatus { return v.AgentAliasStatus }).(AgentAliasStatusPtrOutput) } diff --git a/sdk/go/aws/bedrock/pulumiEnums.go b/sdk/go/aws/bedrock/pulumiEnums.go index 81ef3f4b80..8e7212e27f 100644 --- a/sdk/go/aws/bedrock/pulumiEnums.go +++ b/sdk/go/aws/bedrock/pulumiEnums.go @@ -8466,6 +8466,170 @@ func (in *knowledgeBaseTypePtr) ToKnowledgeBaseTypePtrOutputWithContext(ctx cont return pulumi.ToOutputWithContext(ctx, in).(KnowledgeBaseTypePtrOutput) } +// CachePoint types for CachePointBlock +type PromptCachePointType string + +const ( + PromptCachePointTypeDefault = PromptCachePointType("default") +) + +func (PromptCachePointType) ElementType() reflect.Type { + return reflect.TypeOf((*PromptCachePointType)(nil)).Elem() +} + +func (e PromptCachePointType) ToPromptCachePointTypeOutput() PromptCachePointTypeOutput { + return pulumi.ToOutput(e).(PromptCachePointTypeOutput) +} + +func (e PromptCachePointType) ToPromptCachePointTypeOutputWithContext(ctx context.Context) PromptCachePointTypeOutput { + return pulumi.ToOutputWithContext(ctx, e).(PromptCachePointTypeOutput) +} + +func (e PromptCachePointType) ToPromptCachePointTypePtrOutput() PromptCachePointTypePtrOutput { + return e.ToPromptCachePointTypePtrOutputWithContext(context.Background()) +} + +func (e PromptCachePointType) ToPromptCachePointTypePtrOutputWithContext(ctx context.Context) PromptCachePointTypePtrOutput { + return PromptCachePointType(e).ToPromptCachePointTypeOutputWithContext(ctx).ToPromptCachePointTypePtrOutputWithContext(ctx) +} + +func (e PromptCachePointType) ToStringOutput() pulumi.StringOutput { + return pulumi.ToOutput(pulumi.String(e)).(pulumi.StringOutput) +} + +func (e PromptCachePointType) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput { + return pulumi.ToOutputWithContext(ctx, pulumi.String(e)).(pulumi.StringOutput) +} + +func (e PromptCachePointType) ToStringPtrOutput() pulumi.StringPtrOutput { + return pulumi.String(e).ToStringPtrOutputWithContext(context.Background()) +} + +func (e PromptCachePointType) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput { + return pulumi.String(e).ToStringOutputWithContext(ctx).ToStringPtrOutputWithContext(ctx) +} + +type PromptCachePointTypeOutput struct{ *pulumi.OutputState } + +func (PromptCachePointTypeOutput) ElementType() reflect.Type { + return reflect.TypeOf((*PromptCachePointType)(nil)).Elem() +} + +func (o PromptCachePointTypeOutput) ToPromptCachePointTypeOutput() PromptCachePointTypeOutput { + return o +} + +func (o PromptCachePointTypeOutput) ToPromptCachePointTypeOutputWithContext(ctx context.Context) PromptCachePointTypeOutput { + return o +} + +func (o PromptCachePointTypeOutput) ToPromptCachePointTypePtrOutput() PromptCachePointTypePtrOutput { + return o.ToPromptCachePointTypePtrOutputWithContext(context.Background()) +} + +func (o PromptCachePointTypeOutput) ToPromptCachePointTypePtrOutputWithContext(ctx context.Context) PromptCachePointTypePtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v PromptCachePointType) *PromptCachePointType { + return &v + }).(PromptCachePointTypePtrOutput) +} + +func (o PromptCachePointTypeOutput) ToStringOutput() pulumi.StringOutput { + return o.ToStringOutputWithContext(context.Background()) +} + +func (o PromptCachePointTypeOutput) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, e PromptCachePointType) string { + return string(e) + }).(pulumi.StringOutput) +} + +func (o PromptCachePointTypeOutput) ToStringPtrOutput() pulumi.StringPtrOutput { + return o.ToStringPtrOutputWithContext(context.Background()) +} + +func (o PromptCachePointTypeOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, e PromptCachePointType) *string { + v := string(e) + return &v + }).(pulumi.StringPtrOutput) +} + +type PromptCachePointTypePtrOutput struct{ *pulumi.OutputState } + +func (PromptCachePointTypePtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**PromptCachePointType)(nil)).Elem() +} + +func (o PromptCachePointTypePtrOutput) ToPromptCachePointTypePtrOutput() PromptCachePointTypePtrOutput { + return o +} + +func (o PromptCachePointTypePtrOutput) ToPromptCachePointTypePtrOutputWithContext(ctx context.Context) PromptCachePointTypePtrOutput { + return o +} + +func (o PromptCachePointTypePtrOutput) Elem() PromptCachePointTypeOutput { + return o.ApplyT(func(v *PromptCachePointType) PromptCachePointType { + if v != nil { + return *v + } + var ret PromptCachePointType + return ret + }).(PromptCachePointTypeOutput) +} + +func (o PromptCachePointTypePtrOutput) ToStringPtrOutput() pulumi.StringPtrOutput { + return o.ToStringPtrOutputWithContext(context.Background()) +} + +func (o PromptCachePointTypePtrOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, e *PromptCachePointType) *string { + if e == nil { + return nil + } + v := string(*e) + return &v + }).(pulumi.StringPtrOutput) +} + +// PromptCachePointTypeInput is an input type that accepts values of the PromptCachePointType enum +// A concrete instance of `PromptCachePointTypeInput` can be one of the following: +// +// PromptCachePointTypeDefault +type PromptCachePointTypeInput interface { + pulumi.Input + + ToPromptCachePointTypeOutput() PromptCachePointTypeOutput + ToPromptCachePointTypeOutputWithContext(context.Context) PromptCachePointTypeOutput +} + +var promptCachePointTypePtrType = reflect.TypeOf((**PromptCachePointType)(nil)).Elem() + +type PromptCachePointTypePtrInput interface { + pulumi.Input + + ToPromptCachePointTypePtrOutput() PromptCachePointTypePtrOutput + ToPromptCachePointTypePtrOutputWithContext(context.Context) PromptCachePointTypePtrOutput +} + +type promptCachePointTypePtr string + +func PromptCachePointTypePtr(v string) PromptCachePointTypePtrInput { + return (*promptCachePointTypePtr)(&v) +} + +func (*promptCachePointTypePtr) ElementType() reflect.Type { + return promptCachePointTypePtrType +} + +func (in *promptCachePointTypePtr) ToPromptCachePointTypePtrOutput() PromptCachePointTypePtrOutput { + return pulumi.ToOutput(in).(PromptCachePointTypePtrOutput) +} + +func (in *promptCachePointTypePtr) ToPromptCachePointTypePtrOutputWithContext(ctx context.Context) PromptCachePointTypePtrOutput { + return pulumi.ToOutputWithContext(ctx, in).(PromptCachePointTypePtrOutput) +} + // Conversation roles for the chat prompt type PromptConversationRole string @@ -8798,6 +8962,96 @@ func (in *promptTemplateTypePtr) ToPromptTemplateTypePtrOutputWithContext(ctx co return pulumi.ToOutputWithContext(ctx, in).(PromptTemplateTypePtrOutput) } +// CachePoint types for CachePointBlock +type PromptVersionCachePointType string + +const ( + PromptVersionCachePointTypeDefault = PromptVersionCachePointType("default") +) + +type PromptVersionCachePointTypeOutput struct{ *pulumi.OutputState } + +func (PromptVersionCachePointTypeOutput) ElementType() reflect.Type { + return reflect.TypeOf((*PromptVersionCachePointType)(nil)).Elem() +} + +func (o PromptVersionCachePointTypeOutput) ToPromptVersionCachePointTypeOutput() PromptVersionCachePointTypeOutput { + return o +} + +func (o PromptVersionCachePointTypeOutput) ToPromptVersionCachePointTypeOutputWithContext(ctx context.Context) PromptVersionCachePointTypeOutput { + return o +} + +func (o PromptVersionCachePointTypeOutput) ToPromptVersionCachePointTypePtrOutput() PromptVersionCachePointTypePtrOutput { + return o.ToPromptVersionCachePointTypePtrOutputWithContext(context.Background()) +} + +func (o PromptVersionCachePointTypeOutput) ToPromptVersionCachePointTypePtrOutputWithContext(ctx context.Context) PromptVersionCachePointTypePtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v PromptVersionCachePointType) *PromptVersionCachePointType { + return &v + }).(PromptVersionCachePointTypePtrOutput) +} + +func (o PromptVersionCachePointTypeOutput) ToStringOutput() pulumi.StringOutput { + return o.ToStringOutputWithContext(context.Background()) +} + +func (o PromptVersionCachePointTypeOutput) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, e PromptVersionCachePointType) string { + return string(e) + }).(pulumi.StringOutput) +} + +func (o PromptVersionCachePointTypeOutput) ToStringPtrOutput() pulumi.StringPtrOutput { + return o.ToStringPtrOutputWithContext(context.Background()) +} + +func (o PromptVersionCachePointTypeOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, e PromptVersionCachePointType) *string { + v := string(e) + return &v + }).(pulumi.StringPtrOutput) +} + +type PromptVersionCachePointTypePtrOutput struct{ *pulumi.OutputState } + +func (PromptVersionCachePointTypePtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**PromptVersionCachePointType)(nil)).Elem() +} + +func (o PromptVersionCachePointTypePtrOutput) ToPromptVersionCachePointTypePtrOutput() PromptVersionCachePointTypePtrOutput { + return o +} + +func (o PromptVersionCachePointTypePtrOutput) ToPromptVersionCachePointTypePtrOutputWithContext(ctx context.Context) PromptVersionCachePointTypePtrOutput { + return o +} + +func (o PromptVersionCachePointTypePtrOutput) Elem() PromptVersionCachePointTypeOutput { + return o.ApplyT(func(v *PromptVersionCachePointType) PromptVersionCachePointType { + if v != nil { + return *v + } + var ret PromptVersionCachePointType + return ret + }).(PromptVersionCachePointTypeOutput) +} + +func (o PromptVersionCachePointTypePtrOutput) ToStringPtrOutput() pulumi.StringPtrOutput { + return o.ToStringPtrOutputWithContext(context.Background()) +} + +func (o PromptVersionCachePointTypePtrOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, e *PromptVersionCachePointType) *string { + if e == nil { + return nil + } + v := string(*e) + return &v + }).(pulumi.StringPtrOutput) +} + // Conversation roles for the chat prompt type PromptVersionConversationRole string @@ -9067,6 +9321,8 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*KnowledgeBaseSupplementalDataStorageLocationTypePtrInput)(nil)).Elem(), KnowledgeBaseSupplementalDataStorageLocationType("S3")) pulumi.RegisterInputType(reflect.TypeOf((*KnowledgeBaseTypeInput)(nil)).Elem(), KnowledgeBaseType("VECTOR")) pulumi.RegisterInputType(reflect.TypeOf((*KnowledgeBaseTypePtrInput)(nil)).Elem(), KnowledgeBaseType("VECTOR")) + pulumi.RegisterInputType(reflect.TypeOf((*PromptCachePointTypeInput)(nil)).Elem(), PromptCachePointType("default")) + pulumi.RegisterInputType(reflect.TypeOf((*PromptCachePointTypePtrInput)(nil)).Elem(), PromptCachePointType("default")) pulumi.RegisterInputType(reflect.TypeOf((*PromptConversationRoleInput)(nil)).Elem(), PromptConversationRole("user")) pulumi.RegisterInputType(reflect.TypeOf((*PromptConversationRolePtrInput)(nil)).Elem(), PromptConversationRole("user")) pulumi.RegisterInputType(reflect.TypeOf((*PromptTemplateTypeInput)(nil)).Elem(), PromptTemplateType("TEXT")) @@ -9183,10 +9439,14 @@ func init() { pulumi.RegisterOutputType(KnowledgeBaseSupplementalDataStorageLocationTypePtrOutput{}) pulumi.RegisterOutputType(KnowledgeBaseTypeOutput{}) pulumi.RegisterOutputType(KnowledgeBaseTypePtrOutput{}) + pulumi.RegisterOutputType(PromptCachePointTypeOutput{}) + pulumi.RegisterOutputType(PromptCachePointTypePtrOutput{}) pulumi.RegisterOutputType(PromptConversationRoleOutput{}) pulumi.RegisterOutputType(PromptConversationRolePtrOutput{}) pulumi.RegisterOutputType(PromptTemplateTypeOutput{}) pulumi.RegisterOutputType(PromptTemplateTypePtrOutput{}) + pulumi.RegisterOutputType(PromptVersionCachePointTypeOutput{}) + pulumi.RegisterOutputType(PromptVersionCachePointTypePtrOutput{}) pulumi.RegisterOutputType(PromptVersionConversationRoleOutput{}) pulumi.RegisterOutputType(PromptVersionConversationRolePtrOutput{}) pulumi.RegisterOutputType(PromptVersionPromptTemplateTypeOutput{}) diff --git a/sdk/go/aws/bedrock/pulumiTypes.go b/sdk/go/aws/bedrock/pulumiTypes.go index d089ec279d..166a5571f8 100644 --- a/sdk/go/aws/bedrock/pulumiTypes.go +++ b/sdk/go/aws/bedrock/pulumiTypes.go @@ -25282,6 +25282,127 @@ func (o KnowledgeBaseVectorKnowledgeBaseConfigurationPtrOutput) SupplementalData }).(KnowledgeBaseSupplementalDataStorageConfigurationPtrOutput) } +// Contains model-specific configurations +type PromptAdditionalModelRequestFields struct { +} + +// PromptAdditionalModelRequestFieldsInput is an input type that accepts PromptAdditionalModelRequestFieldsArgs and PromptAdditionalModelRequestFieldsOutput values. +// You can construct a concrete instance of `PromptAdditionalModelRequestFieldsInput` via: +// +// PromptAdditionalModelRequestFieldsArgs{...} +type PromptAdditionalModelRequestFieldsInput interface { + pulumi.Input + + ToPromptAdditionalModelRequestFieldsOutput() PromptAdditionalModelRequestFieldsOutput + ToPromptAdditionalModelRequestFieldsOutputWithContext(context.Context) PromptAdditionalModelRequestFieldsOutput +} + +// Contains model-specific configurations +type PromptAdditionalModelRequestFieldsArgs struct { +} + +func (PromptAdditionalModelRequestFieldsArgs) ElementType() reflect.Type { + return reflect.TypeOf((*PromptAdditionalModelRequestFields)(nil)).Elem() +} + +func (i PromptAdditionalModelRequestFieldsArgs) ToPromptAdditionalModelRequestFieldsOutput() PromptAdditionalModelRequestFieldsOutput { + return i.ToPromptAdditionalModelRequestFieldsOutputWithContext(context.Background()) +} + +func (i PromptAdditionalModelRequestFieldsArgs) ToPromptAdditionalModelRequestFieldsOutputWithContext(ctx context.Context) PromptAdditionalModelRequestFieldsOutput { + return pulumi.ToOutputWithContext(ctx, i).(PromptAdditionalModelRequestFieldsOutput) +} + +func (i PromptAdditionalModelRequestFieldsArgs) ToPromptAdditionalModelRequestFieldsPtrOutput() PromptAdditionalModelRequestFieldsPtrOutput { + return i.ToPromptAdditionalModelRequestFieldsPtrOutputWithContext(context.Background()) +} + +func (i PromptAdditionalModelRequestFieldsArgs) ToPromptAdditionalModelRequestFieldsPtrOutputWithContext(ctx context.Context) PromptAdditionalModelRequestFieldsPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(PromptAdditionalModelRequestFieldsOutput).ToPromptAdditionalModelRequestFieldsPtrOutputWithContext(ctx) +} + +// PromptAdditionalModelRequestFieldsPtrInput is an input type that accepts PromptAdditionalModelRequestFieldsArgs, PromptAdditionalModelRequestFieldsPtr and PromptAdditionalModelRequestFieldsPtrOutput values. +// You can construct a concrete instance of `PromptAdditionalModelRequestFieldsPtrInput` via: +// +// PromptAdditionalModelRequestFieldsArgs{...} +// +// or: +// +// nil +type PromptAdditionalModelRequestFieldsPtrInput interface { + pulumi.Input + + ToPromptAdditionalModelRequestFieldsPtrOutput() PromptAdditionalModelRequestFieldsPtrOutput + ToPromptAdditionalModelRequestFieldsPtrOutputWithContext(context.Context) PromptAdditionalModelRequestFieldsPtrOutput +} + +type promptAdditionalModelRequestFieldsPtrType PromptAdditionalModelRequestFieldsArgs + +func PromptAdditionalModelRequestFieldsPtr(v *PromptAdditionalModelRequestFieldsArgs) PromptAdditionalModelRequestFieldsPtrInput { + return (*promptAdditionalModelRequestFieldsPtrType)(v) +} + +func (*promptAdditionalModelRequestFieldsPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**PromptAdditionalModelRequestFields)(nil)).Elem() +} + +func (i *promptAdditionalModelRequestFieldsPtrType) ToPromptAdditionalModelRequestFieldsPtrOutput() PromptAdditionalModelRequestFieldsPtrOutput { + return i.ToPromptAdditionalModelRequestFieldsPtrOutputWithContext(context.Background()) +} + +func (i *promptAdditionalModelRequestFieldsPtrType) ToPromptAdditionalModelRequestFieldsPtrOutputWithContext(ctx context.Context) PromptAdditionalModelRequestFieldsPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(PromptAdditionalModelRequestFieldsPtrOutput) +} + +// Contains model-specific configurations +type PromptAdditionalModelRequestFieldsOutput struct{ *pulumi.OutputState } + +func (PromptAdditionalModelRequestFieldsOutput) ElementType() reflect.Type { + return reflect.TypeOf((*PromptAdditionalModelRequestFields)(nil)).Elem() +} + +func (o PromptAdditionalModelRequestFieldsOutput) ToPromptAdditionalModelRequestFieldsOutput() PromptAdditionalModelRequestFieldsOutput { + return o +} + +func (o PromptAdditionalModelRequestFieldsOutput) ToPromptAdditionalModelRequestFieldsOutputWithContext(ctx context.Context) PromptAdditionalModelRequestFieldsOutput { + return o +} + +func (o PromptAdditionalModelRequestFieldsOutput) ToPromptAdditionalModelRequestFieldsPtrOutput() PromptAdditionalModelRequestFieldsPtrOutput { + return o.ToPromptAdditionalModelRequestFieldsPtrOutputWithContext(context.Background()) +} + +func (o PromptAdditionalModelRequestFieldsOutput) ToPromptAdditionalModelRequestFieldsPtrOutputWithContext(ctx context.Context) PromptAdditionalModelRequestFieldsPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v PromptAdditionalModelRequestFields) *PromptAdditionalModelRequestFields { + return &v + }).(PromptAdditionalModelRequestFieldsPtrOutput) +} + +type PromptAdditionalModelRequestFieldsPtrOutput struct{ *pulumi.OutputState } + +func (PromptAdditionalModelRequestFieldsPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**PromptAdditionalModelRequestFields)(nil)).Elem() +} + +func (o PromptAdditionalModelRequestFieldsPtrOutput) ToPromptAdditionalModelRequestFieldsPtrOutput() PromptAdditionalModelRequestFieldsPtrOutput { + return o +} + +func (o PromptAdditionalModelRequestFieldsPtrOutput) ToPromptAdditionalModelRequestFieldsPtrOutputWithContext(ctx context.Context) PromptAdditionalModelRequestFieldsPtrOutput { + return o +} + +func (o PromptAdditionalModelRequestFieldsPtrOutput) Elem() PromptAdditionalModelRequestFieldsOutput { + return o.ApplyT(func(v *PromptAdditionalModelRequestFields) PromptAdditionalModelRequestFields { + if v != nil { + return *v + } + var ret PromptAdditionalModelRequestFields + return ret + }).(PromptAdditionalModelRequestFieldsOutput) +} + // Target Agent to invoke with Prompt type PromptAgentResource struct { // Arn representation of the Agent Alias. @@ -25664,6 +25785,142 @@ func (o PromptAutoToolChoicePtrOutput) Elem() PromptAutoToolChoiceOutput { }).(PromptAutoToolChoiceOutput) } +// CachePointBlock +type PromptCachePointBlock struct { + Type PromptCachePointType `pulumi:"type"` +} + +// PromptCachePointBlockInput is an input type that accepts PromptCachePointBlockArgs and PromptCachePointBlockOutput values. +// You can construct a concrete instance of `PromptCachePointBlockInput` via: +// +// PromptCachePointBlockArgs{...} +type PromptCachePointBlockInput interface { + pulumi.Input + + ToPromptCachePointBlockOutput() PromptCachePointBlockOutput + ToPromptCachePointBlockOutputWithContext(context.Context) PromptCachePointBlockOutput +} + +// CachePointBlock +type PromptCachePointBlockArgs struct { + Type PromptCachePointTypeInput `pulumi:"type"` +} + +func (PromptCachePointBlockArgs) ElementType() reflect.Type { + return reflect.TypeOf((*PromptCachePointBlock)(nil)).Elem() +} + +func (i PromptCachePointBlockArgs) ToPromptCachePointBlockOutput() PromptCachePointBlockOutput { + return i.ToPromptCachePointBlockOutputWithContext(context.Background()) +} + +func (i PromptCachePointBlockArgs) ToPromptCachePointBlockOutputWithContext(ctx context.Context) PromptCachePointBlockOutput { + return pulumi.ToOutputWithContext(ctx, i).(PromptCachePointBlockOutput) +} + +func (i PromptCachePointBlockArgs) ToPromptCachePointBlockPtrOutput() PromptCachePointBlockPtrOutput { + return i.ToPromptCachePointBlockPtrOutputWithContext(context.Background()) +} + +func (i PromptCachePointBlockArgs) ToPromptCachePointBlockPtrOutputWithContext(ctx context.Context) PromptCachePointBlockPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(PromptCachePointBlockOutput).ToPromptCachePointBlockPtrOutputWithContext(ctx) +} + +// PromptCachePointBlockPtrInput is an input type that accepts PromptCachePointBlockArgs, PromptCachePointBlockPtr and PromptCachePointBlockPtrOutput values. +// You can construct a concrete instance of `PromptCachePointBlockPtrInput` via: +// +// PromptCachePointBlockArgs{...} +// +// or: +// +// nil +type PromptCachePointBlockPtrInput interface { + pulumi.Input + + ToPromptCachePointBlockPtrOutput() PromptCachePointBlockPtrOutput + ToPromptCachePointBlockPtrOutputWithContext(context.Context) PromptCachePointBlockPtrOutput +} + +type promptCachePointBlockPtrType PromptCachePointBlockArgs + +func PromptCachePointBlockPtr(v *PromptCachePointBlockArgs) PromptCachePointBlockPtrInput { + return (*promptCachePointBlockPtrType)(v) +} + +func (*promptCachePointBlockPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**PromptCachePointBlock)(nil)).Elem() +} + +func (i *promptCachePointBlockPtrType) ToPromptCachePointBlockPtrOutput() PromptCachePointBlockPtrOutput { + return i.ToPromptCachePointBlockPtrOutputWithContext(context.Background()) +} + +func (i *promptCachePointBlockPtrType) ToPromptCachePointBlockPtrOutputWithContext(ctx context.Context) PromptCachePointBlockPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(PromptCachePointBlockPtrOutput) +} + +// CachePointBlock +type PromptCachePointBlockOutput struct{ *pulumi.OutputState } + +func (PromptCachePointBlockOutput) ElementType() reflect.Type { + return reflect.TypeOf((*PromptCachePointBlock)(nil)).Elem() +} + +func (o PromptCachePointBlockOutput) ToPromptCachePointBlockOutput() PromptCachePointBlockOutput { + return o +} + +func (o PromptCachePointBlockOutput) ToPromptCachePointBlockOutputWithContext(ctx context.Context) PromptCachePointBlockOutput { + return o +} + +func (o PromptCachePointBlockOutput) ToPromptCachePointBlockPtrOutput() PromptCachePointBlockPtrOutput { + return o.ToPromptCachePointBlockPtrOutputWithContext(context.Background()) +} + +func (o PromptCachePointBlockOutput) ToPromptCachePointBlockPtrOutputWithContext(ctx context.Context) PromptCachePointBlockPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v PromptCachePointBlock) *PromptCachePointBlock { + return &v + }).(PromptCachePointBlockPtrOutput) +} + +func (o PromptCachePointBlockOutput) Type() PromptCachePointTypeOutput { + return o.ApplyT(func(v PromptCachePointBlock) PromptCachePointType { return v.Type }).(PromptCachePointTypeOutput) +} + +type PromptCachePointBlockPtrOutput struct{ *pulumi.OutputState } + +func (PromptCachePointBlockPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**PromptCachePointBlock)(nil)).Elem() +} + +func (o PromptCachePointBlockPtrOutput) ToPromptCachePointBlockPtrOutput() PromptCachePointBlockPtrOutput { + return o +} + +func (o PromptCachePointBlockPtrOutput) ToPromptCachePointBlockPtrOutputWithContext(ctx context.Context) PromptCachePointBlockPtrOutput { + return o +} + +func (o PromptCachePointBlockPtrOutput) Elem() PromptCachePointBlockOutput { + return o.ApplyT(func(v *PromptCachePointBlock) PromptCachePointBlock { + if v != nil { + return *v + } + var ret PromptCachePointBlock + return ret + }).(PromptCachePointBlockOutput) +} + +func (o PromptCachePointBlockPtrOutput) Type() PromptCachePointTypePtrOutput { + return o.ApplyT(func(v *PromptCachePointBlock) *PromptCachePointType { + if v == nil { + return nil + } + return &v.Type + }).(PromptCachePointTypePtrOutput) +} + // Configuration for chat prompt template type PromptChatPromptTemplateConfiguration struct { // List of input variables @@ -25671,8 +25928,8 @@ type PromptChatPromptTemplateConfiguration struct { // List of messages for chat prompt template Messages []PromptMessage `pulumi:"messages"` // Configuration for chat prompt template - System []PromptSystemContentBlockProperties `pulumi:"system"` - ToolConfiguration *PromptToolConfiguration `pulumi:"toolConfiguration"` + System []interface{} `pulumi:"system"` + ToolConfiguration *PromptToolConfiguration `pulumi:"toolConfiguration"` } // PromptChatPromptTemplateConfigurationInput is an input type that accepts PromptChatPromptTemplateConfigurationArgs and PromptChatPromptTemplateConfigurationOutput values. @@ -25693,8 +25950,8 @@ type PromptChatPromptTemplateConfigurationArgs struct { // List of messages for chat prompt template Messages PromptMessageArrayInput `pulumi:"messages"` // Configuration for chat prompt template - System PromptSystemContentBlockPropertiesArrayInput `pulumi:"system"` - ToolConfiguration PromptToolConfigurationPtrInput `pulumi:"toolConfiguration"` + System pulumi.ArrayInput `pulumi:"system"` + ToolConfiguration PromptToolConfigurationPtrInput `pulumi:"toolConfiguration"` } func (PromptChatPromptTemplateConfigurationArgs) ElementType() reflect.Type { @@ -25735,8 +25992,8 @@ func (o PromptChatPromptTemplateConfigurationOutput) Messages() PromptMessageArr } // Configuration for chat prompt template -func (o PromptChatPromptTemplateConfigurationOutput) System() PromptSystemContentBlockPropertiesArrayOutput { - return o.ApplyT(func(v PromptChatPromptTemplateConfiguration) []PromptSystemContentBlockProperties { return v.System }).(PromptSystemContentBlockPropertiesArrayOutput) +func (o PromptChatPromptTemplateConfigurationOutput) System() pulumi.ArrayOutput { + return o.ApplyT(func(v PromptChatPromptTemplateConfiguration) []interface{} { return v.System }).(pulumi.ArrayOutput) } func (o PromptChatPromptTemplateConfigurationOutput) ToolConfiguration() PromptToolConfigurationPtrOutput { @@ -25749,104 +26006,105 @@ type PromptContentBlock0Properties struct { Text string `pulumi:"text"` } -// Configuration for chat prompt template -type PromptContentBlockProperties struct { - // Configuration for chat prompt template - Text string `pulumi:"text"` -} - -// PromptContentBlockPropertiesInput is an input type that accepts PromptContentBlockPropertiesArgs and PromptContentBlockPropertiesOutput values. -// You can construct a concrete instance of `PromptContentBlockPropertiesInput` via: +// PromptContentBlock0PropertiesInput is an input type that accepts PromptContentBlock0PropertiesArgs and PromptContentBlock0PropertiesOutput values. +// You can construct a concrete instance of `PromptContentBlock0PropertiesInput` via: // -// PromptContentBlockPropertiesArgs{...} -type PromptContentBlockPropertiesInput interface { +// PromptContentBlock0PropertiesArgs{...} +type PromptContentBlock0PropertiesInput interface { pulumi.Input - ToPromptContentBlockPropertiesOutput() PromptContentBlockPropertiesOutput - ToPromptContentBlockPropertiesOutputWithContext(context.Context) PromptContentBlockPropertiesOutput + ToPromptContentBlock0PropertiesOutput() PromptContentBlock0PropertiesOutput + ToPromptContentBlock0PropertiesOutputWithContext(context.Context) PromptContentBlock0PropertiesOutput } // Configuration for chat prompt template -type PromptContentBlockPropertiesArgs struct { +type PromptContentBlock0PropertiesArgs struct { // Configuration for chat prompt template Text pulumi.StringInput `pulumi:"text"` } -func (PromptContentBlockPropertiesArgs) ElementType() reflect.Type { - return reflect.TypeOf((*PromptContentBlockProperties)(nil)).Elem() +func (PromptContentBlock0PropertiesArgs) ElementType() reflect.Type { + return reflect.TypeOf((*PromptContentBlock0Properties)(nil)).Elem() } -func (i PromptContentBlockPropertiesArgs) ToPromptContentBlockPropertiesOutput() PromptContentBlockPropertiesOutput { - return i.ToPromptContentBlockPropertiesOutputWithContext(context.Background()) +func (i PromptContentBlock0PropertiesArgs) ToPromptContentBlock0PropertiesOutput() PromptContentBlock0PropertiesOutput { + return i.ToPromptContentBlock0PropertiesOutputWithContext(context.Background()) } -func (i PromptContentBlockPropertiesArgs) ToPromptContentBlockPropertiesOutputWithContext(ctx context.Context) PromptContentBlockPropertiesOutput { - return pulumi.ToOutputWithContext(ctx, i).(PromptContentBlockPropertiesOutput) +func (i PromptContentBlock0PropertiesArgs) ToPromptContentBlock0PropertiesOutputWithContext(ctx context.Context) PromptContentBlock0PropertiesOutput { + return pulumi.ToOutputWithContext(ctx, i).(PromptContentBlock0PropertiesOutput) } -// PromptContentBlockPropertiesArrayInput is an input type that accepts PromptContentBlockPropertiesArray and PromptContentBlockPropertiesArrayOutput values. -// You can construct a concrete instance of `PromptContentBlockPropertiesArrayInput` via: -// -// PromptContentBlockPropertiesArray{ PromptContentBlockPropertiesArgs{...} } -type PromptContentBlockPropertiesArrayInput interface { - pulumi.Input +// Configuration for chat prompt template +type PromptContentBlock0PropertiesOutput struct{ *pulumi.OutputState } - ToPromptContentBlockPropertiesArrayOutput() PromptContentBlockPropertiesArrayOutput - ToPromptContentBlockPropertiesArrayOutputWithContext(context.Context) PromptContentBlockPropertiesArrayOutput +func (PromptContentBlock0PropertiesOutput) ElementType() reflect.Type { + return reflect.TypeOf((*PromptContentBlock0Properties)(nil)).Elem() } -type PromptContentBlockPropertiesArray []PromptContentBlockPropertiesInput - -func (PromptContentBlockPropertiesArray) ElementType() reflect.Type { - return reflect.TypeOf((*[]PromptContentBlockProperties)(nil)).Elem() +func (o PromptContentBlock0PropertiesOutput) ToPromptContentBlock0PropertiesOutput() PromptContentBlock0PropertiesOutput { + return o } -func (i PromptContentBlockPropertiesArray) ToPromptContentBlockPropertiesArrayOutput() PromptContentBlockPropertiesArrayOutput { - return i.ToPromptContentBlockPropertiesArrayOutputWithContext(context.Background()) +func (o PromptContentBlock0PropertiesOutput) ToPromptContentBlock0PropertiesOutputWithContext(ctx context.Context) PromptContentBlock0PropertiesOutput { + return o } -func (i PromptContentBlockPropertiesArray) ToPromptContentBlockPropertiesArrayOutputWithContext(ctx context.Context) PromptContentBlockPropertiesArrayOutput { - return pulumi.ToOutputWithContext(ctx, i).(PromptContentBlockPropertiesArrayOutput) +// Configuration for chat prompt template +func (o PromptContentBlock0PropertiesOutput) Text() pulumi.StringOutput { + return o.ApplyT(func(v PromptContentBlock0Properties) string { return v.Text }).(pulumi.StringOutput) } // Configuration for chat prompt template -type PromptContentBlockPropertiesOutput struct{ *pulumi.OutputState } +type PromptContentBlock1Properties struct { + CachePoint PromptCachePointBlock `pulumi:"cachePoint"` +} -func (PromptContentBlockPropertiesOutput) ElementType() reflect.Type { - return reflect.TypeOf((*PromptContentBlockProperties)(nil)).Elem() +// PromptContentBlock1PropertiesInput is an input type that accepts PromptContentBlock1PropertiesArgs and PromptContentBlock1PropertiesOutput values. +// You can construct a concrete instance of `PromptContentBlock1PropertiesInput` via: +// +// PromptContentBlock1PropertiesArgs{...} +type PromptContentBlock1PropertiesInput interface { + pulumi.Input + + ToPromptContentBlock1PropertiesOutput() PromptContentBlock1PropertiesOutput + ToPromptContentBlock1PropertiesOutputWithContext(context.Context) PromptContentBlock1PropertiesOutput } -func (o PromptContentBlockPropertiesOutput) ToPromptContentBlockPropertiesOutput() PromptContentBlockPropertiesOutput { - return o +// Configuration for chat prompt template +type PromptContentBlock1PropertiesArgs struct { + CachePoint PromptCachePointBlockInput `pulumi:"cachePoint"` } -func (o PromptContentBlockPropertiesOutput) ToPromptContentBlockPropertiesOutputWithContext(ctx context.Context) PromptContentBlockPropertiesOutput { - return o +func (PromptContentBlock1PropertiesArgs) ElementType() reflect.Type { + return reflect.TypeOf((*PromptContentBlock1Properties)(nil)).Elem() } -// Configuration for chat prompt template -func (o PromptContentBlockPropertiesOutput) Text() pulumi.StringOutput { - return o.ApplyT(func(v PromptContentBlockProperties) string { return v.Text }).(pulumi.StringOutput) +func (i PromptContentBlock1PropertiesArgs) ToPromptContentBlock1PropertiesOutput() PromptContentBlock1PropertiesOutput { + return i.ToPromptContentBlock1PropertiesOutputWithContext(context.Background()) +} + +func (i PromptContentBlock1PropertiesArgs) ToPromptContentBlock1PropertiesOutputWithContext(ctx context.Context) PromptContentBlock1PropertiesOutput { + return pulumi.ToOutputWithContext(ctx, i).(PromptContentBlock1PropertiesOutput) } -type PromptContentBlockPropertiesArrayOutput struct{ *pulumi.OutputState } +// Configuration for chat prompt template +type PromptContentBlock1PropertiesOutput struct{ *pulumi.OutputState } -func (PromptContentBlockPropertiesArrayOutput) ElementType() reflect.Type { - return reflect.TypeOf((*[]PromptContentBlockProperties)(nil)).Elem() +func (PromptContentBlock1PropertiesOutput) ElementType() reflect.Type { + return reflect.TypeOf((*PromptContentBlock1Properties)(nil)).Elem() } -func (o PromptContentBlockPropertiesArrayOutput) ToPromptContentBlockPropertiesArrayOutput() PromptContentBlockPropertiesArrayOutput { +func (o PromptContentBlock1PropertiesOutput) ToPromptContentBlock1PropertiesOutput() PromptContentBlock1PropertiesOutput { return o } -func (o PromptContentBlockPropertiesArrayOutput) ToPromptContentBlockPropertiesArrayOutputWithContext(ctx context.Context) PromptContentBlockPropertiesArrayOutput { +func (o PromptContentBlock1PropertiesOutput) ToPromptContentBlock1PropertiesOutputWithContext(ctx context.Context) PromptContentBlock1PropertiesOutput { return o } -func (o PromptContentBlockPropertiesArrayOutput) Index(i pulumi.IntInput) PromptContentBlockPropertiesOutput { - return pulumi.All(o, i).ApplyT(func(vs []interface{}) PromptContentBlockProperties { - return vs[0].([]PromptContentBlockProperties)[vs[1].(int)] - }).(PromptContentBlockPropertiesOutput) +func (o PromptContentBlock1PropertiesOutput) CachePoint() PromptCachePointBlockOutput { + return o.ApplyT(func(v PromptContentBlock1Properties) PromptCachePointBlock { return v.CachePoint }).(PromptCachePointBlockOutput) } // Target resource to invoke with Prompt @@ -26234,8 +26492,8 @@ func (o PromptInputVariableArrayOutput) Index(i pulumi.IntInput) PromptInputVari // Chat prompt Message type PromptMessage struct { // List of Content Blocks - Content []PromptContentBlockProperties `pulumi:"content"` - Role PromptConversationRole `pulumi:"role"` + Content []interface{} `pulumi:"content"` + Role PromptConversationRole `pulumi:"role"` } // PromptMessageInput is an input type that accepts PromptMessageArgs and PromptMessageOutput values. @@ -26252,8 +26510,8 @@ type PromptMessageInput interface { // Chat prompt Message type PromptMessageArgs struct { // List of Content Blocks - Content PromptContentBlockPropertiesArrayInput `pulumi:"content"` - Role PromptConversationRoleInput `pulumi:"role"` + Content pulumi.ArrayInput `pulumi:"content"` + Role PromptConversationRoleInput `pulumi:"role"` } func (PromptMessageArgs) ElementType() reflect.Type { @@ -26309,8 +26567,8 @@ func (o PromptMessageOutput) ToPromptMessageOutputWithContext(ctx context.Contex } // List of Content Blocks -func (o PromptMessageOutput) Content() PromptContentBlockPropertiesArrayOutput { - return o.ApplyT(func(v PromptMessage) []PromptContentBlockProperties { return v.Content }).(PromptContentBlockPropertiesArrayOutput) +func (o PromptMessageOutput) Content() pulumi.ArrayOutput { + return o.ApplyT(func(v PromptMessage) []interface{} { return v.Content }).(pulumi.ArrayOutput) } func (o PromptMessageOutput) Role() PromptConversationRoleOutput { @@ -26680,104 +26938,105 @@ type PromptSystemContentBlock0Properties struct { Text string `pulumi:"text"` } -// Configuration for chat prompt template -type PromptSystemContentBlockProperties struct { - // Configuration for chat prompt template - Text string `pulumi:"text"` -} - -// PromptSystemContentBlockPropertiesInput is an input type that accepts PromptSystemContentBlockPropertiesArgs and PromptSystemContentBlockPropertiesOutput values. -// You can construct a concrete instance of `PromptSystemContentBlockPropertiesInput` via: +// PromptSystemContentBlock0PropertiesInput is an input type that accepts PromptSystemContentBlock0PropertiesArgs and PromptSystemContentBlock0PropertiesOutput values. +// You can construct a concrete instance of `PromptSystemContentBlock0PropertiesInput` via: // -// PromptSystemContentBlockPropertiesArgs{...} -type PromptSystemContentBlockPropertiesInput interface { +// PromptSystemContentBlock0PropertiesArgs{...} +type PromptSystemContentBlock0PropertiesInput interface { pulumi.Input - ToPromptSystemContentBlockPropertiesOutput() PromptSystemContentBlockPropertiesOutput - ToPromptSystemContentBlockPropertiesOutputWithContext(context.Context) PromptSystemContentBlockPropertiesOutput + ToPromptSystemContentBlock0PropertiesOutput() PromptSystemContentBlock0PropertiesOutput + ToPromptSystemContentBlock0PropertiesOutputWithContext(context.Context) PromptSystemContentBlock0PropertiesOutput } // Configuration for chat prompt template -type PromptSystemContentBlockPropertiesArgs struct { +type PromptSystemContentBlock0PropertiesArgs struct { // Configuration for chat prompt template Text pulumi.StringInput `pulumi:"text"` } -func (PromptSystemContentBlockPropertiesArgs) ElementType() reflect.Type { - return reflect.TypeOf((*PromptSystemContentBlockProperties)(nil)).Elem() +func (PromptSystemContentBlock0PropertiesArgs) ElementType() reflect.Type { + return reflect.TypeOf((*PromptSystemContentBlock0Properties)(nil)).Elem() } -func (i PromptSystemContentBlockPropertiesArgs) ToPromptSystemContentBlockPropertiesOutput() PromptSystemContentBlockPropertiesOutput { - return i.ToPromptSystemContentBlockPropertiesOutputWithContext(context.Background()) +func (i PromptSystemContentBlock0PropertiesArgs) ToPromptSystemContentBlock0PropertiesOutput() PromptSystemContentBlock0PropertiesOutput { + return i.ToPromptSystemContentBlock0PropertiesOutputWithContext(context.Background()) } -func (i PromptSystemContentBlockPropertiesArgs) ToPromptSystemContentBlockPropertiesOutputWithContext(ctx context.Context) PromptSystemContentBlockPropertiesOutput { - return pulumi.ToOutputWithContext(ctx, i).(PromptSystemContentBlockPropertiesOutput) +func (i PromptSystemContentBlock0PropertiesArgs) ToPromptSystemContentBlock0PropertiesOutputWithContext(ctx context.Context) PromptSystemContentBlock0PropertiesOutput { + return pulumi.ToOutputWithContext(ctx, i).(PromptSystemContentBlock0PropertiesOutput) } -// PromptSystemContentBlockPropertiesArrayInput is an input type that accepts PromptSystemContentBlockPropertiesArray and PromptSystemContentBlockPropertiesArrayOutput values. -// You can construct a concrete instance of `PromptSystemContentBlockPropertiesArrayInput` via: -// -// PromptSystemContentBlockPropertiesArray{ PromptSystemContentBlockPropertiesArgs{...} } -type PromptSystemContentBlockPropertiesArrayInput interface { - pulumi.Input +// Configuration for chat prompt template +type PromptSystemContentBlock0PropertiesOutput struct{ *pulumi.OutputState } - ToPromptSystemContentBlockPropertiesArrayOutput() PromptSystemContentBlockPropertiesArrayOutput - ToPromptSystemContentBlockPropertiesArrayOutputWithContext(context.Context) PromptSystemContentBlockPropertiesArrayOutput +func (PromptSystemContentBlock0PropertiesOutput) ElementType() reflect.Type { + return reflect.TypeOf((*PromptSystemContentBlock0Properties)(nil)).Elem() } -type PromptSystemContentBlockPropertiesArray []PromptSystemContentBlockPropertiesInput - -func (PromptSystemContentBlockPropertiesArray) ElementType() reflect.Type { - return reflect.TypeOf((*[]PromptSystemContentBlockProperties)(nil)).Elem() +func (o PromptSystemContentBlock0PropertiesOutput) ToPromptSystemContentBlock0PropertiesOutput() PromptSystemContentBlock0PropertiesOutput { + return o } -func (i PromptSystemContentBlockPropertiesArray) ToPromptSystemContentBlockPropertiesArrayOutput() PromptSystemContentBlockPropertiesArrayOutput { - return i.ToPromptSystemContentBlockPropertiesArrayOutputWithContext(context.Background()) +func (o PromptSystemContentBlock0PropertiesOutput) ToPromptSystemContentBlock0PropertiesOutputWithContext(ctx context.Context) PromptSystemContentBlock0PropertiesOutput { + return o } -func (i PromptSystemContentBlockPropertiesArray) ToPromptSystemContentBlockPropertiesArrayOutputWithContext(ctx context.Context) PromptSystemContentBlockPropertiesArrayOutput { - return pulumi.ToOutputWithContext(ctx, i).(PromptSystemContentBlockPropertiesArrayOutput) +// Configuration for chat prompt template +func (o PromptSystemContentBlock0PropertiesOutput) Text() pulumi.StringOutput { + return o.ApplyT(func(v PromptSystemContentBlock0Properties) string { return v.Text }).(pulumi.StringOutput) } // Configuration for chat prompt template -type PromptSystemContentBlockPropertiesOutput struct{ *pulumi.OutputState } +type PromptSystemContentBlock1Properties struct { + CachePoint PromptCachePointBlock `pulumi:"cachePoint"` +} -func (PromptSystemContentBlockPropertiesOutput) ElementType() reflect.Type { - return reflect.TypeOf((*PromptSystemContentBlockProperties)(nil)).Elem() +// PromptSystemContentBlock1PropertiesInput is an input type that accepts PromptSystemContentBlock1PropertiesArgs and PromptSystemContentBlock1PropertiesOutput values. +// You can construct a concrete instance of `PromptSystemContentBlock1PropertiesInput` via: +// +// PromptSystemContentBlock1PropertiesArgs{...} +type PromptSystemContentBlock1PropertiesInput interface { + pulumi.Input + + ToPromptSystemContentBlock1PropertiesOutput() PromptSystemContentBlock1PropertiesOutput + ToPromptSystemContentBlock1PropertiesOutputWithContext(context.Context) PromptSystemContentBlock1PropertiesOutput } -func (o PromptSystemContentBlockPropertiesOutput) ToPromptSystemContentBlockPropertiesOutput() PromptSystemContentBlockPropertiesOutput { - return o +// Configuration for chat prompt template +type PromptSystemContentBlock1PropertiesArgs struct { + CachePoint PromptCachePointBlockInput `pulumi:"cachePoint"` } -func (o PromptSystemContentBlockPropertiesOutput) ToPromptSystemContentBlockPropertiesOutputWithContext(ctx context.Context) PromptSystemContentBlockPropertiesOutput { - return o +func (PromptSystemContentBlock1PropertiesArgs) ElementType() reflect.Type { + return reflect.TypeOf((*PromptSystemContentBlock1Properties)(nil)).Elem() } -// Configuration for chat prompt template -func (o PromptSystemContentBlockPropertiesOutput) Text() pulumi.StringOutput { - return o.ApplyT(func(v PromptSystemContentBlockProperties) string { return v.Text }).(pulumi.StringOutput) +func (i PromptSystemContentBlock1PropertiesArgs) ToPromptSystemContentBlock1PropertiesOutput() PromptSystemContentBlock1PropertiesOutput { + return i.ToPromptSystemContentBlock1PropertiesOutputWithContext(context.Background()) } -type PromptSystemContentBlockPropertiesArrayOutput struct{ *pulumi.OutputState } +func (i PromptSystemContentBlock1PropertiesArgs) ToPromptSystemContentBlock1PropertiesOutputWithContext(ctx context.Context) PromptSystemContentBlock1PropertiesOutput { + return pulumi.ToOutputWithContext(ctx, i).(PromptSystemContentBlock1PropertiesOutput) +} -func (PromptSystemContentBlockPropertiesArrayOutput) ElementType() reflect.Type { - return reflect.TypeOf((*[]PromptSystemContentBlockProperties)(nil)).Elem() +// Configuration for chat prompt template +type PromptSystemContentBlock1PropertiesOutput struct{ *pulumi.OutputState } + +func (PromptSystemContentBlock1PropertiesOutput) ElementType() reflect.Type { + return reflect.TypeOf((*PromptSystemContentBlock1Properties)(nil)).Elem() } -func (o PromptSystemContentBlockPropertiesArrayOutput) ToPromptSystemContentBlockPropertiesArrayOutput() PromptSystemContentBlockPropertiesArrayOutput { +func (o PromptSystemContentBlock1PropertiesOutput) ToPromptSystemContentBlock1PropertiesOutput() PromptSystemContentBlock1PropertiesOutput { return o } -func (o PromptSystemContentBlockPropertiesArrayOutput) ToPromptSystemContentBlockPropertiesArrayOutputWithContext(ctx context.Context) PromptSystemContentBlockPropertiesArrayOutput { +func (o PromptSystemContentBlock1PropertiesOutput) ToPromptSystemContentBlock1PropertiesOutputWithContext(ctx context.Context) PromptSystemContentBlock1PropertiesOutput { return o } -func (o PromptSystemContentBlockPropertiesArrayOutput) Index(i pulumi.IntInput) PromptSystemContentBlockPropertiesOutput { - return pulumi.All(o, i).ApplyT(func(vs []interface{}) PromptSystemContentBlockProperties { - return vs[0].([]PromptSystemContentBlockProperties)[vs[1].(int)] - }).(PromptSystemContentBlockPropertiesOutput) +func (o PromptSystemContentBlock1PropertiesOutput) CachePoint() PromptCachePointBlockOutput { + return o.ApplyT(func(v PromptSystemContentBlock1Properties) PromptCachePointBlock { return v.CachePoint }).(PromptCachePointBlockOutput) } // Prompt template configuration @@ -26886,6 +27145,7 @@ func (o PromptTemplateConfiguration1PropertiesOutput) Chat() PromptChatPromptTem // Configuration for text prompt template type PromptTextPromptTemplateConfiguration struct { + CachePoint *PromptCachePointBlock `pulumi:"cachePoint"` // List of input variables InputVariables []PromptInputVariable `pulumi:"inputVariables"` // Prompt content for String prompt template @@ -26906,6 +27166,7 @@ type PromptTextPromptTemplateConfigurationInput interface { // Configuration for text prompt template type PromptTextPromptTemplateConfigurationArgs struct { + CachePoint PromptCachePointBlockPtrInput `pulumi:"cachePoint"` // List of input variables InputVariables PromptInputVariableArrayInput `pulumi:"inputVariables"` // Prompt content for String prompt template @@ -26940,6 +27201,10 @@ func (o PromptTextPromptTemplateConfigurationOutput) ToPromptTextPromptTemplateC return o } +func (o PromptTextPromptTemplateConfigurationOutput) CachePoint() PromptCachePointBlockPtrOutput { + return o.ApplyT(func(v PromptTextPromptTemplateConfiguration) *PromptCachePointBlock { return v.CachePoint }).(PromptCachePointBlockPtrOutput) +} + // List of input variables func (o PromptTextPromptTemplateConfigurationOutput) InputVariables() PromptInputVariableArrayOutput { return o.ApplyT(func(v PromptTextPromptTemplateConfiguration) []PromptInputVariable { return v.InputVariables }).(PromptInputVariableArrayOutput) @@ -27137,6 +27402,105 @@ type PromptTool0Properties struct { ToolSpec PromptToolSpecification `pulumi:"toolSpec"` } +// PromptTool0PropertiesInput is an input type that accepts PromptTool0PropertiesArgs and PromptTool0PropertiesOutput values. +// You can construct a concrete instance of `PromptTool0PropertiesInput` via: +// +// PromptTool0PropertiesArgs{...} +type PromptTool0PropertiesInput interface { + pulumi.Input + + ToPromptTool0PropertiesOutput() PromptTool0PropertiesOutput + ToPromptTool0PropertiesOutputWithContext(context.Context) PromptTool0PropertiesOutput +} + +// Tool details +type PromptTool0PropertiesArgs struct { + ToolSpec PromptToolSpecificationInput `pulumi:"toolSpec"` +} + +func (PromptTool0PropertiesArgs) ElementType() reflect.Type { + return reflect.TypeOf((*PromptTool0Properties)(nil)).Elem() +} + +func (i PromptTool0PropertiesArgs) ToPromptTool0PropertiesOutput() PromptTool0PropertiesOutput { + return i.ToPromptTool0PropertiesOutputWithContext(context.Background()) +} + +func (i PromptTool0PropertiesArgs) ToPromptTool0PropertiesOutputWithContext(ctx context.Context) PromptTool0PropertiesOutput { + return pulumi.ToOutputWithContext(ctx, i).(PromptTool0PropertiesOutput) +} + +// Tool details +type PromptTool0PropertiesOutput struct{ *pulumi.OutputState } + +func (PromptTool0PropertiesOutput) ElementType() reflect.Type { + return reflect.TypeOf((*PromptTool0Properties)(nil)).Elem() +} + +func (o PromptTool0PropertiesOutput) ToPromptTool0PropertiesOutput() PromptTool0PropertiesOutput { + return o +} + +func (o PromptTool0PropertiesOutput) ToPromptTool0PropertiesOutputWithContext(ctx context.Context) PromptTool0PropertiesOutput { + return o +} + +func (o PromptTool0PropertiesOutput) ToolSpec() PromptToolSpecificationOutput { + return o.ApplyT(func(v PromptTool0Properties) PromptToolSpecification { return v.ToolSpec }).(PromptToolSpecificationOutput) +} + +// Tool details +type PromptTool1Properties struct { + CachePoint PromptCachePointBlock `pulumi:"cachePoint"` +} + +// PromptTool1PropertiesInput is an input type that accepts PromptTool1PropertiesArgs and PromptTool1PropertiesOutput values. +// You can construct a concrete instance of `PromptTool1PropertiesInput` via: +// +// PromptTool1PropertiesArgs{...} +type PromptTool1PropertiesInput interface { + pulumi.Input + + ToPromptTool1PropertiesOutput() PromptTool1PropertiesOutput + ToPromptTool1PropertiesOutputWithContext(context.Context) PromptTool1PropertiesOutput +} + +// Tool details +type PromptTool1PropertiesArgs struct { + CachePoint PromptCachePointBlockInput `pulumi:"cachePoint"` +} + +func (PromptTool1PropertiesArgs) ElementType() reflect.Type { + return reflect.TypeOf((*PromptTool1Properties)(nil)).Elem() +} + +func (i PromptTool1PropertiesArgs) ToPromptTool1PropertiesOutput() PromptTool1PropertiesOutput { + return i.ToPromptTool1PropertiesOutputWithContext(context.Background()) +} + +func (i PromptTool1PropertiesArgs) ToPromptTool1PropertiesOutputWithContext(ctx context.Context) PromptTool1PropertiesOutput { + return pulumi.ToOutputWithContext(ctx, i).(PromptTool1PropertiesOutput) +} + +// Tool details +type PromptTool1PropertiesOutput struct{ *pulumi.OutputState } + +func (PromptTool1PropertiesOutput) ElementType() reflect.Type { + return reflect.TypeOf((*PromptTool1Properties)(nil)).Elem() +} + +func (o PromptTool1PropertiesOutput) ToPromptTool1PropertiesOutput() PromptTool1PropertiesOutput { + return o +} + +func (o PromptTool1PropertiesOutput) ToPromptTool1PropertiesOutputWithContext(ctx context.Context) PromptTool1PropertiesOutput { + return o +} + +func (o PromptTool1PropertiesOutput) CachePoint() PromptCachePointBlockOutput { + return o.ApplyT(func(v PromptTool1Properties) PromptCachePointBlock { return v.CachePoint }).(PromptCachePointBlockOutput) +} + // Tool choice type PromptToolChoice0Properties struct { Auto PromptAutoToolChoice `pulumi:"auto"` @@ -27549,7 +27913,7 @@ func (o PromptToolChoice2PropertiesPtrOutput) Tool() PromptSpecificToolChoicePtr type PromptToolConfiguration struct { ToolChoice interface{} `pulumi:"toolChoice"` // List of Tools - Tools []PromptToolProperties `pulumi:"tools"` + Tools []interface{} `pulumi:"tools"` } // PromptToolConfigurationInput is an input type that accepts PromptToolConfigurationArgs and PromptToolConfigurationOutput values. @@ -27567,7 +27931,7 @@ type PromptToolConfigurationInput interface { type PromptToolConfigurationArgs struct { ToolChoice pulumi.Input `pulumi:"toolChoice"` // List of Tools - Tools PromptToolPropertiesArrayInput `pulumi:"tools"` + Tools pulumi.ArrayInput `pulumi:"tools"` } func (PromptToolConfigurationArgs) ElementType() reflect.Type { @@ -27653,8 +28017,8 @@ func (o PromptToolConfigurationOutput) ToolChoice() pulumi.AnyOutput { } // List of Tools -func (o PromptToolConfigurationOutput) Tools() PromptToolPropertiesArrayOutput { - return o.ApplyT(func(v PromptToolConfiguration) []PromptToolProperties { return v.Tools }).(PromptToolPropertiesArrayOutput) +func (o PromptToolConfigurationOutput) Tools() pulumi.ArrayOutput { + return o.ApplyT(func(v PromptToolConfiguration) []interface{} { return v.Tools }).(pulumi.ArrayOutput) } type PromptToolConfigurationPtrOutput struct{ *pulumi.OutputState } @@ -27691,13 +28055,13 @@ func (o PromptToolConfigurationPtrOutput) ToolChoice() pulumi.AnyOutput { } // List of Tools -func (o PromptToolConfigurationPtrOutput) Tools() PromptToolPropertiesArrayOutput { - return o.ApplyT(func(v *PromptToolConfiguration) []PromptToolProperties { +func (o PromptToolConfigurationPtrOutput) Tools() pulumi.ArrayOutput { + return o.ApplyT(func(v *PromptToolConfiguration) []interface{} { if v == nil { return nil } return v.Tools - }).(PromptToolPropertiesArrayOutput) + }).(pulumi.ArrayOutput) } // Tool input schema json @@ -27757,103 +28121,6 @@ func (o PromptToolInputSchemaPropertiesOutput) Json() pulumi.AnyOutput { return o.ApplyT(func(v PromptToolInputSchemaProperties) interface{} { return v.Json }).(pulumi.AnyOutput) } -// Tool details -type PromptToolProperties struct { - ToolSpec PromptToolSpecification `pulumi:"toolSpec"` -} - -// PromptToolPropertiesInput is an input type that accepts PromptToolPropertiesArgs and PromptToolPropertiesOutput values. -// You can construct a concrete instance of `PromptToolPropertiesInput` via: -// -// PromptToolPropertiesArgs{...} -type PromptToolPropertiesInput interface { - pulumi.Input - - ToPromptToolPropertiesOutput() PromptToolPropertiesOutput - ToPromptToolPropertiesOutputWithContext(context.Context) PromptToolPropertiesOutput -} - -// Tool details -type PromptToolPropertiesArgs struct { - ToolSpec PromptToolSpecificationInput `pulumi:"toolSpec"` -} - -func (PromptToolPropertiesArgs) ElementType() reflect.Type { - return reflect.TypeOf((*PromptToolProperties)(nil)).Elem() -} - -func (i PromptToolPropertiesArgs) ToPromptToolPropertiesOutput() PromptToolPropertiesOutput { - return i.ToPromptToolPropertiesOutputWithContext(context.Background()) -} - -func (i PromptToolPropertiesArgs) ToPromptToolPropertiesOutputWithContext(ctx context.Context) PromptToolPropertiesOutput { - return pulumi.ToOutputWithContext(ctx, i).(PromptToolPropertiesOutput) -} - -// PromptToolPropertiesArrayInput is an input type that accepts PromptToolPropertiesArray and PromptToolPropertiesArrayOutput values. -// You can construct a concrete instance of `PromptToolPropertiesArrayInput` via: -// -// PromptToolPropertiesArray{ PromptToolPropertiesArgs{...} } -type PromptToolPropertiesArrayInput interface { - pulumi.Input - - ToPromptToolPropertiesArrayOutput() PromptToolPropertiesArrayOutput - ToPromptToolPropertiesArrayOutputWithContext(context.Context) PromptToolPropertiesArrayOutput -} - -type PromptToolPropertiesArray []PromptToolPropertiesInput - -func (PromptToolPropertiesArray) ElementType() reflect.Type { - return reflect.TypeOf((*[]PromptToolProperties)(nil)).Elem() -} - -func (i PromptToolPropertiesArray) ToPromptToolPropertiesArrayOutput() PromptToolPropertiesArrayOutput { - return i.ToPromptToolPropertiesArrayOutputWithContext(context.Background()) -} - -func (i PromptToolPropertiesArray) ToPromptToolPropertiesArrayOutputWithContext(ctx context.Context) PromptToolPropertiesArrayOutput { - return pulumi.ToOutputWithContext(ctx, i).(PromptToolPropertiesArrayOutput) -} - -// Tool details -type PromptToolPropertiesOutput struct{ *pulumi.OutputState } - -func (PromptToolPropertiesOutput) ElementType() reflect.Type { - return reflect.TypeOf((*PromptToolProperties)(nil)).Elem() -} - -func (o PromptToolPropertiesOutput) ToPromptToolPropertiesOutput() PromptToolPropertiesOutput { - return o -} - -func (o PromptToolPropertiesOutput) ToPromptToolPropertiesOutputWithContext(ctx context.Context) PromptToolPropertiesOutput { - return o -} - -func (o PromptToolPropertiesOutput) ToolSpec() PromptToolSpecificationOutput { - return o.ApplyT(func(v PromptToolProperties) PromptToolSpecification { return v.ToolSpec }).(PromptToolSpecificationOutput) -} - -type PromptToolPropertiesArrayOutput struct{ *pulumi.OutputState } - -func (PromptToolPropertiesArrayOutput) ElementType() reflect.Type { - return reflect.TypeOf((*[]PromptToolProperties)(nil)).Elem() -} - -func (o PromptToolPropertiesArrayOutput) ToPromptToolPropertiesArrayOutput() PromptToolPropertiesArrayOutput { - return o -} - -func (o PromptToolPropertiesArrayOutput) ToPromptToolPropertiesArrayOutputWithContext(ctx context.Context) PromptToolPropertiesArrayOutput { - return o -} - -func (o PromptToolPropertiesArrayOutput) Index(i pulumi.IntInput) PromptToolPropertiesOutput { - return pulumi.All(o, i).ApplyT(func(vs []interface{}) PromptToolProperties { - return vs[0].([]PromptToolProperties)[vs[1].(int)] - }).(PromptToolPropertiesOutput) -} - // Tool specification type PromptToolSpecification struct { Description *string `pulumi:"description"` @@ -27923,6 +28190,8 @@ func (o PromptToolSpecificationOutput) Name() pulumi.StringOutput { // Prompt variant type PromptVariant struct { + // Contains model-specific inference configurations that aren't in the `inferenceConfiguration` field. To see model-specific inference parameters, see [Inference request parameters and response fields for foundation models](https://docs.aws.amazon.com/bedrock/latest/userguide/model-parameters.html) . + AdditionalModelRequestFields *PromptAdditionalModelRequestFields `pulumi:"additionalModelRequestFields"` // Specifies a generative AI resource with which to use the prompt. GenAiResource *PromptGenAiResourceProperties `pulumi:"genAiResource"` // Contains inference configurations for the prompt variant. @@ -27950,6 +28219,8 @@ type PromptVariantInput interface { // Prompt variant type PromptVariantArgs struct { + // Contains model-specific inference configurations that aren't in the `inferenceConfiguration` field. To see model-specific inference parameters, see [Inference request parameters and response fields for foundation models](https://docs.aws.amazon.com/bedrock/latest/userguide/model-parameters.html) . + AdditionalModelRequestFields PromptAdditionalModelRequestFieldsPtrInput `pulumi:"additionalModelRequestFields"` // Specifies a generative AI resource with which to use the prompt. GenAiResource PromptGenAiResourcePropertiesPtrInput `pulumi:"genAiResource"` // Contains inference configurations for the prompt variant. @@ -28016,6 +28287,11 @@ func (o PromptVariantOutput) ToPromptVariantOutputWithContext(ctx context.Contex return o } +// Contains model-specific inference configurations that aren't in the `inferenceConfiguration` field. To see model-specific inference parameters, see [Inference request parameters and response fields for foundation models](https://docs.aws.amazon.com/bedrock/latest/userguide/model-parameters.html) . +func (o PromptVariantOutput) AdditionalModelRequestFields() PromptAdditionalModelRequestFieldsPtrOutput { + return o.ApplyT(func(v PromptVariant) *PromptAdditionalModelRequestFields { return v.AdditionalModelRequestFields }).(PromptAdditionalModelRequestFieldsPtrOutput) +} + // Specifies a generative AI resource with which to use the prompt. func (o PromptVariantOutput) GenAiResource() PromptGenAiResourcePropertiesPtrOutput { return o.ApplyT(func(v PromptVariant) *PromptGenAiResourceProperties { return v.GenAiResource }).(PromptGenAiResourcePropertiesPtrOutput) @@ -28066,6 +28342,49 @@ func (o PromptVariantArrayOutput) Index(i pulumi.IntInput) PromptVariantOutput { }).(PromptVariantOutput) } +// Contains model-specific configurations +type PromptVersionAdditionalModelRequestFields struct { +} + +// Contains model-specific configurations +type PromptVersionAdditionalModelRequestFieldsOutput struct{ *pulumi.OutputState } + +func (PromptVersionAdditionalModelRequestFieldsOutput) ElementType() reflect.Type { + return reflect.TypeOf((*PromptVersionAdditionalModelRequestFields)(nil)).Elem() +} + +func (o PromptVersionAdditionalModelRequestFieldsOutput) ToPromptVersionAdditionalModelRequestFieldsOutput() PromptVersionAdditionalModelRequestFieldsOutput { + return o +} + +func (o PromptVersionAdditionalModelRequestFieldsOutput) ToPromptVersionAdditionalModelRequestFieldsOutputWithContext(ctx context.Context) PromptVersionAdditionalModelRequestFieldsOutput { + return o +} + +type PromptVersionAdditionalModelRequestFieldsPtrOutput struct{ *pulumi.OutputState } + +func (PromptVersionAdditionalModelRequestFieldsPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**PromptVersionAdditionalModelRequestFields)(nil)).Elem() +} + +func (o PromptVersionAdditionalModelRequestFieldsPtrOutput) ToPromptVersionAdditionalModelRequestFieldsPtrOutput() PromptVersionAdditionalModelRequestFieldsPtrOutput { + return o +} + +func (o PromptVersionAdditionalModelRequestFieldsPtrOutput) ToPromptVersionAdditionalModelRequestFieldsPtrOutputWithContext(ctx context.Context) PromptVersionAdditionalModelRequestFieldsPtrOutput { + return o +} + +func (o PromptVersionAdditionalModelRequestFieldsPtrOutput) Elem() PromptVersionAdditionalModelRequestFieldsOutput { + return o.ApplyT(func(v *PromptVersionAdditionalModelRequestFields) PromptVersionAdditionalModelRequestFields { + if v != nil { + return *v + } + var ret PromptVersionAdditionalModelRequestFields + return ret + }).(PromptVersionAdditionalModelRequestFieldsOutput) +} + // Any Tool choice type PromptVersionAnyToolChoice struct { } @@ -28152,6 +28471,63 @@ func (o PromptVersionAutoToolChoicePtrOutput) Elem() PromptVersionAutoToolChoice }).(PromptVersionAutoToolChoiceOutput) } +// CachePointBlock +type PromptVersionCachePointBlock struct { + Type PromptVersionCachePointType `pulumi:"type"` +} + +// CachePointBlock +type PromptVersionCachePointBlockOutput struct{ *pulumi.OutputState } + +func (PromptVersionCachePointBlockOutput) ElementType() reflect.Type { + return reflect.TypeOf((*PromptVersionCachePointBlock)(nil)).Elem() +} + +func (o PromptVersionCachePointBlockOutput) ToPromptVersionCachePointBlockOutput() PromptVersionCachePointBlockOutput { + return o +} + +func (o PromptVersionCachePointBlockOutput) ToPromptVersionCachePointBlockOutputWithContext(ctx context.Context) PromptVersionCachePointBlockOutput { + return o +} + +func (o PromptVersionCachePointBlockOutput) Type() PromptVersionCachePointTypeOutput { + return o.ApplyT(func(v PromptVersionCachePointBlock) PromptVersionCachePointType { return v.Type }).(PromptVersionCachePointTypeOutput) +} + +type PromptVersionCachePointBlockPtrOutput struct{ *pulumi.OutputState } + +func (PromptVersionCachePointBlockPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**PromptVersionCachePointBlock)(nil)).Elem() +} + +func (o PromptVersionCachePointBlockPtrOutput) ToPromptVersionCachePointBlockPtrOutput() PromptVersionCachePointBlockPtrOutput { + return o +} + +func (o PromptVersionCachePointBlockPtrOutput) ToPromptVersionCachePointBlockPtrOutputWithContext(ctx context.Context) PromptVersionCachePointBlockPtrOutput { + return o +} + +func (o PromptVersionCachePointBlockPtrOutput) Elem() PromptVersionCachePointBlockOutput { + return o.ApplyT(func(v *PromptVersionCachePointBlock) PromptVersionCachePointBlock { + if v != nil { + return *v + } + var ret PromptVersionCachePointBlock + return ret + }).(PromptVersionCachePointBlockOutput) +} + +func (o PromptVersionCachePointBlockPtrOutput) Type() PromptVersionCachePointTypePtrOutput { + return o.ApplyT(func(v *PromptVersionCachePointBlock) *PromptVersionCachePointType { + if v == nil { + return nil + } + return &v.Type + }).(PromptVersionCachePointTypePtrOutput) +} + // Configuration for chat prompt template type PromptVersionChatPromptTemplateConfiguration struct { // List of input variables @@ -28159,8 +28535,8 @@ type PromptVersionChatPromptTemplateConfiguration struct { // List of messages for chat prompt template Messages []PromptVersionMessage `pulumi:"messages"` // Configuration for chat prompt template - System []PromptVersionSystemContentBlockProperties `pulumi:"system"` - ToolConfiguration *PromptVersionToolConfiguration `pulumi:"toolConfiguration"` + System []interface{} `pulumi:"system"` + ToolConfiguration *PromptVersionToolConfiguration `pulumi:"toolConfiguration"` } // Configuration for chat prompt template @@ -28191,10 +28567,8 @@ func (o PromptVersionChatPromptTemplateConfigurationOutput) Messages() PromptVer } // Configuration for chat prompt template -func (o PromptVersionChatPromptTemplateConfigurationOutput) System() PromptVersionSystemContentBlockPropertiesArrayOutput { - return o.ApplyT(func(v PromptVersionChatPromptTemplateConfiguration) []PromptVersionSystemContentBlockProperties { - return v.System - }).(PromptVersionSystemContentBlockPropertiesArrayOutput) +func (o PromptVersionChatPromptTemplateConfigurationOutput) System() pulumi.ArrayOutput { + return o.ApplyT(func(v PromptVersionChatPromptTemplateConfiguration) []interface{} { return v.System }).(pulumi.ArrayOutput) } func (o PromptVersionChatPromptTemplateConfigurationOutput) ToolConfiguration() PromptVersionToolConfigurationPtrOutput { @@ -28210,56 +28584,54 @@ type PromptVersionContentBlock0Properties struct { } // Configuration for chat prompt template -type PromptVersionContentBlockProperties struct { - // Configuration for chat prompt template - Text string `pulumi:"text"` -} - -// Configuration for chat prompt template -type PromptVersionContentBlockPropertiesOutput struct{ *pulumi.OutputState } +type PromptVersionContentBlock0PropertiesOutput struct{ *pulumi.OutputState } -func (PromptVersionContentBlockPropertiesOutput) ElementType() reflect.Type { - return reflect.TypeOf((*PromptVersionContentBlockProperties)(nil)).Elem() +func (PromptVersionContentBlock0PropertiesOutput) ElementType() reflect.Type { + return reflect.TypeOf((*PromptVersionContentBlock0Properties)(nil)).Elem() } -func (o PromptVersionContentBlockPropertiesOutput) ToPromptVersionContentBlockPropertiesOutput() PromptVersionContentBlockPropertiesOutput { +func (o PromptVersionContentBlock0PropertiesOutput) ToPromptVersionContentBlock0PropertiesOutput() PromptVersionContentBlock0PropertiesOutput { return o } -func (o PromptVersionContentBlockPropertiesOutput) ToPromptVersionContentBlockPropertiesOutputWithContext(ctx context.Context) PromptVersionContentBlockPropertiesOutput { +func (o PromptVersionContentBlock0PropertiesOutput) ToPromptVersionContentBlock0PropertiesOutputWithContext(ctx context.Context) PromptVersionContentBlock0PropertiesOutput { return o } // Configuration for chat prompt template -func (o PromptVersionContentBlockPropertiesOutput) Text() pulumi.StringOutput { - return o.ApplyT(func(v PromptVersionContentBlockProperties) string { return v.Text }).(pulumi.StringOutput) +func (o PromptVersionContentBlock0PropertiesOutput) Text() pulumi.StringOutput { + return o.ApplyT(func(v PromptVersionContentBlock0Properties) string { return v.Text }).(pulumi.StringOutput) } -type PromptVersionContentBlockPropertiesArrayOutput struct{ *pulumi.OutputState } +// Configuration for chat prompt template +type PromptVersionContentBlock1Properties struct { + CachePoint PromptVersionCachePointBlock `pulumi:"cachePoint"` +} + +// Configuration for chat prompt template +type PromptVersionContentBlock1PropertiesOutput struct{ *pulumi.OutputState } -func (PromptVersionContentBlockPropertiesArrayOutput) ElementType() reflect.Type { - return reflect.TypeOf((*[]PromptVersionContentBlockProperties)(nil)).Elem() +func (PromptVersionContentBlock1PropertiesOutput) ElementType() reflect.Type { + return reflect.TypeOf((*PromptVersionContentBlock1Properties)(nil)).Elem() } -func (o PromptVersionContentBlockPropertiesArrayOutput) ToPromptVersionContentBlockPropertiesArrayOutput() PromptVersionContentBlockPropertiesArrayOutput { +func (o PromptVersionContentBlock1PropertiesOutput) ToPromptVersionContentBlock1PropertiesOutput() PromptVersionContentBlock1PropertiesOutput { return o } -func (o PromptVersionContentBlockPropertiesArrayOutput) ToPromptVersionContentBlockPropertiesArrayOutputWithContext(ctx context.Context) PromptVersionContentBlockPropertiesArrayOutput { +func (o PromptVersionContentBlock1PropertiesOutput) ToPromptVersionContentBlock1PropertiesOutputWithContext(ctx context.Context) PromptVersionContentBlock1PropertiesOutput { return o } -func (o PromptVersionContentBlockPropertiesArrayOutput) Index(i pulumi.IntInput) PromptVersionContentBlockPropertiesOutput { - return pulumi.All(o, i).ApplyT(func(vs []interface{}) PromptVersionContentBlockProperties { - return vs[0].([]PromptVersionContentBlockProperties)[vs[1].(int)] - }).(PromptVersionContentBlockPropertiesOutput) +func (o PromptVersionContentBlock1PropertiesOutput) CachePoint() PromptVersionCachePointBlockOutput { + return o.ApplyT(func(v PromptVersionContentBlock1Properties) PromptVersionCachePointBlock { return v.CachePoint }).(PromptVersionCachePointBlockOutput) } // Chat prompt Message type PromptVersionMessage struct { // List of Content Blocks - Content []PromptVersionContentBlockProperties `pulumi:"content"` - Role PromptVersionConversationRole `pulumi:"role"` + Content []interface{} `pulumi:"content"` + Role PromptVersionConversationRole `pulumi:"role"` } // Chat prompt Message @@ -28278,8 +28650,8 @@ func (o PromptVersionMessageOutput) ToPromptVersionMessageOutputWithContext(ctx } // List of Content Blocks -func (o PromptVersionMessageOutput) Content() PromptVersionContentBlockPropertiesArrayOutput { - return o.ApplyT(func(v PromptVersionMessage) []PromptVersionContentBlockProperties { return v.Content }).(PromptVersionContentBlockPropertiesArrayOutput) +func (o PromptVersionMessageOutput) Content() pulumi.ArrayOutput { + return o.ApplyT(func(v PromptVersionMessage) []interface{} { return v.Content }).(pulumi.ArrayOutput) } func (o PromptVersionMessageOutput) Role() PromptVersionConversationRoleOutput { @@ -28703,6 +29075,8 @@ func (o PromptVersionPromptTemplateConfiguration1PropertiesOutput) Chat() Prompt // Prompt variant type PromptVersionPromptVariant struct { + // Contains model-specific inference configurations that aren't in the `inferenceConfiguration` field. To see model-specific inference parameters, see [Inference request parameters and response fields for foundation models](https://docs.aws.amazon.com/bedrock/latest/userguide/model-parameters.html) . + AdditionalModelRequestFields *PromptVersionAdditionalModelRequestFields `pulumi:"additionalModelRequestFields"` // Specifies a generative AI resource with which to use the prompt. GenAiResource *PromptVersionPromptGenAiResourceProperties `pulumi:"genAiResource"` // Contains inference configurations for the prompt variant. @@ -28732,6 +29106,13 @@ func (o PromptVersionPromptVariantOutput) ToPromptVersionPromptVariantOutputWith return o } +// Contains model-specific inference configurations that aren't in the `inferenceConfiguration` field. To see model-specific inference parameters, see [Inference request parameters and response fields for foundation models](https://docs.aws.amazon.com/bedrock/latest/userguide/model-parameters.html) . +func (o PromptVersionPromptVariantOutput) AdditionalModelRequestFields() PromptVersionAdditionalModelRequestFieldsPtrOutput { + return o.ApplyT(func(v PromptVersionPromptVariant) *PromptVersionAdditionalModelRequestFields { + return v.AdditionalModelRequestFields + }).(PromptVersionAdditionalModelRequestFieldsPtrOutput) +} + // Specifies a generative AI resource with which to use the prompt. func (o PromptVersionPromptVariantOutput) GenAiResource() PromptVersionPromptGenAiResourcePropertiesPtrOutput { return o.ApplyT(func(v PromptVersionPromptVariant) *PromptVersionPromptGenAiResourceProperties { return v.GenAiResource }).(PromptVersionPromptGenAiResourcePropertiesPtrOutput) @@ -28851,53 +29232,52 @@ type PromptVersionSystemContentBlock0Properties struct { } // Configuration for chat prompt template -type PromptVersionSystemContentBlockProperties struct { - // Configuration for chat prompt template - Text string `pulumi:"text"` -} - -// Configuration for chat prompt template -type PromptVersionSystemContentBlockPropertiesOutput struct{ *pulumi.OutputState } +type PromptVersionSystemContentBlock0PropertiesOutput struct{ *pulumi.OutputState } -func (PromptVersionSystemContentBlockPropertiesOutput) ElementType() reflect.Type { - return reflect.TypeOf((*PromptVersionSystemContentBlockProperties)(nil)).Elem() +func (PromptVersionSystemContentBlock0PropertiesOutput) ElementType() reflect.Type { + return reflect.TypeOf((*PromptVersionSystemContentBlock0Properties)(nil)).Elem() } -func (o PromptVersionSystemContentBlockPropertiesOutput) ToPromptVersionSystemContentBlockPropertiesOutput() PromptVersionSystemContentBlockPropertiesOutput { +func (o PromptVersionSystemContentBlock0PropertiesOutput) ToPromptVersionSystemContentBlock0PropertiesOutput() PromptVersionSystemContentBlock0PropertiesOutput { return o } -func (o PromptVersionSystemContentBlockPropertiesOutput) ToPromptVersionSystemContentBlockPropertiesOutputWithContext(ctx context.Context) PromptVersionSystemContentBlockPropertiesOutput { +func (o PromptVersionSystemContentBlock0PropertiesOutput) ToPromptVersionSystemContentBlock0PropertiesOutputWithContext(ctx context.Context) PromptVersionSystemContentBlock0PropertiesOutput { return o } // Configuration for chat prompt template -func (o PromptVersionSystemContentBlockPropertiesOutput) Text() pulumi.StringOutput { - return o.ApplyT(func(v PromptVersionSystemContentBlockProperties) string { return v.Text }).(pulumi.StringOutput) +func (o PromptVersionSystemContentBlock0PropertiesOutput) Text() pulumi.StringOutput { + return o.ApplyT(func(v PromptVersionSystemContentBlock0Properties) string { return v.Text }).(pulumi.StringOutput) } -type PromptVersionSystemContentBlockPropertiesArrayOutput struct{ *pulumi.OutputState } +// Configuration for chat prompt template +type PromptVersionSystemContentBlock1Properties struct { + CachePoint PromptVersionCachePointBlock `pulumi:"cachePoint"` +} + +// Configuration for chat prompt template +type PromptVersionSystemContentBlock1PropertiesOutput struct{ *pulumi.OutputState } -func (PromptVersionSystemContentBlockPropertiesArrayOutput) ElementType() reflect.Type { - return reflect.TypeOf((*[]PromptVersionSystemContentBlockProperties)(nil)).Elem() +func (PromptVersionSystemContentBlock1PropertiesOutput) ElementType() reflect.Type { + return reflect.TypeOf((*PromptVersionSystemContentBlock1Properties)(nil)).Elem() } -func (o PromptVersionSystemContentBlockPropertiesArrayOutput) ToPromptVersionSystemContentBlockPropertiesArrayOutput() PromptVersionSystemContentBlockPropertiesArrayOutput { +func (o PromptVersionSystemContentBlock1PropertiesOutput) ToPromptVersionSystemContentBlock1PropertiesOutput() PromptVersionSystemContentBlock1PropertiesOutput { return o } -func (o PromptVersionSystemContentBlockPropertiesArrayOutput) ToPromptVersionSystemContentBlockPropertiesArrayOutputWithContext(ctx context.Context) PromptVersionSystemContentBlockPropertiesArrayOutput { +func (o PromptVersionSystemContentBlock1PropertiesOutput) ToPromptVersionSystemContentBlock1PropertiesOutputWithContext(ctx context.Context) PromptVersionSystemContentBlock1PropertiesOutput { return o } -func (o PromptVersionSystemContentBlockPropertiesArrayOutput) Index(i pulumi.IntInput) PromptVersionSystemContentBlockPropertiesOutput { - return pulumi.All(o, i).ApplyT(func(vs []interface{}) PromptVersionSystemContentBlockProperties { - return vs[0].([]PromptVersionSystemContentBlockProperties)[vs[1].(int)] - }).(PromptVersionSystemContentBlockPropertiesOutput) +func (o PromptVersionSystemContentBlock1PropertiesOutput) CachePoint() PromptVersionCachePointBlockOutput { + return o.ApplyT(func(v PromptVersionSystemContentBlock1Properties) PromptVersionCachePointBlock { return v.CachePoint }).(PromptVersionCachePointBlockOutput) } // Configuration for text prompt template type PromptVersionTextPromptTemplateConfiguration struct { + CachePoint *PromptVersionCachePointBlock `pulumi:"cachePoint"` // List of input variables InputVariables []PromptVersionPromptInputVariable `pulumi:"inputVariables"` // Prompt content for String prompt template @@ -28919,6 +29299,12 @@ func (o PromptVersionTextPromptTemplateConfigurationOutput) ToPromptVersionTextP return o } +func (o PromptVersionTextPromptTemplateConfigurationOutput) CachePoint() PromptVersionCachePointBlockPtrOutput { + return o.ApplyT(func(v PromptVersionTextPromptTemplateConfiguration) *PromptVersionCachePointBlock { + return v.CachePoint + }).(PromptVersionCachePointBlockPtrOutput) +} + // List of input variables func (o PromptVersionTextPromptTemplateConfigurationOutput) InputVariables() PromptVersionPromptInputVariableArrayOutput { return o.ApplyT(func(v PromptVersionTextPromptTemplateConfiguration) []PromptVersionPromptInputVariable { @@ -28936,6 +29322,49 @@ type PromptVersionTool0Properties struct { ToolSpec PromptVersionToolSpecification `pulumi:"toolSpec"` } +// Tool details +type PromptVersionTool0PropertiesOutput struct{ *pulumi.OutputState } + +func (PromptVersionTool0PropertiesOutput) ElementType() reflect.Type { + return reflect.TypeOf((*PromptVersionTool0Properties)(nil)).Elem() +} + +func (o PromptVersionTool0PropertiesOutput) ToPromptVersionTool0PropertiesOutput() PromptVersionTool0PropertiesOutput { + return o +} + +func (o PromptVersionTool0PropertiesOutput) ToPromptVersionTool0PropertiesOutputWithContext(ctx context.Context) PromptVersionTool0PropertiesOutput { + return o +} + +func (o PromptVersionTool0PropertiesOutput) ToolSpec() PromptVersionToolSpecificationOutput { + return o.ApplyT(func(v PromptVersionTool0Properties) PromptVersionToolSpecification { return v.ToolSpec }).(PromptVersionToolSpecificationOutput) +} + +// Tool details +type PromptVersionTool1Properties struct { + CachePoint PromptVersionCachePointBlock `pulumi:"cachePoint"` +} + +// Tool details +type PromptVersionTool1PropertiesOutput struct{ *pulumi.OutputState } + +func (PromptVersionTool1PropertiesOutput) ElementType() reflect.Type { + return reflect.TypeOf((*PromptVersionTool1Properties)(nil)).Elem() +} + +func (o PromptVersionTool1PropertiesOutput) ToPromptVersionTool1PropertiesOutput() PromptVersionTool1PropertiesOutput { + return o +} + +func (o PromptVersionTool1PropertiesOutput) ToPromptVersionTool1PropertiesOutputWithContext(ctx context.Context) PromptVersionTool1PropertiesOutput { + return o +} + +func (o PromptVersionTool1PropertiesOutput) CachePoint() PromptVersionCachePointBlockOutput { + return o.ApplyT(func(v PromptVersionTool1Properties) PromptVersionCachePointBlock { return v.CachePoint }).(PromptVersionCachePointBlockOutput) +} + // Tool choice type PromptVersionToolChoice0Properties struct { Auto PromptVersionAutoToolChoice `pulumi:"auto"` @@ -29111,7 +29540,7 @@ func (o PromptVersionToolChoice2PropertiesPtrOutput) Tool() PromptVersionSpecifi type PromptVersionToolConfiguration struct { ToolChoice interface{} `pulumi:"toolChoice"` // List of Tools - Tools []PromptVersionToolProperties `pulumi:"tools"` + Tools []interface{} `pulumi:"tools"` } // Tool configuration @@ -29134,8 +29563,8 @@ func (o PromptVersionToolConfigurationOutput) ToolChoice() pulumi.AnyOutput { } // List of Tools -func (o PromptVersionToolConfigurationOutput) Tools() PromptVersionToolPropertiesArrayOutput { - return o.ApplyT(func(v PromptVersionToolConfiguration) []PromptVersionToolProperties { return v.Tools }).(PromptVersionToolPropertiesArrayOutput) +func (o PromptVersionToolConfigurationOutput) Tools() pulumi.ArrayOutput { + return o.ApplyT(func(v PromptVersionToolConfiguration) []interface{} { return v.Tools }).(pulumi.ArrayOutput) } type PromptVersionToolConfigurationPtrOutput struct{ *pulumi.OutputState } @@ -29172,13 +29601,13 @@ func (o PromptVersionToolConfigurationPtrOutput) ToolChoice() pulumi.AnyOutput { } // List of Tools -func (o PromptVersionToolConfigurationPtrOutput) Tools() PromptVersionToolPropertiesArrayOutput { - return o.ApplyT(func(v *PromptVersionToolConfiguration) []PromptVersionToolProperties { +func (o PromptVersionToolConfigurationPtrOutput) Tools() pulumi.ArrayOutput { + return o.ApplyT(func(v *PromptVersionToolConfiguration) []interface{} { if v == nil { return nil } return v.Tools - }).(PromptVersionToolPropertiesArrayOutput) + }).(pulumi.ArrayOutput) } // Tool input schema json @@ -29210,50 +29639,6 @@ func (o PromptVersionToolInputSchemaPropertiesOutput) Json() pulumi.AnyOutput { return o.ApplyT(func(v PromptVersionToolInputSchemaProperties) interface{} { return v.Json }).(pulumi.AnyOutput) } -// Tool details -type PromptVersionToolProperties struct { - ToolSpec PromptVersionToolSpecification `pulumi:"toolSpec"` -} - -// Tool details -type PromptVersionToolPropertiesOutput struct{ *pulumi.OutputState } - -func (PromptVersionToolPropertiesOutput) ElementType() reflect.Type { - return reflect.TypeOf((*PromptVersionToolProperties)(nil)).Elem() -} - -func (o PromptVersionToolPropertiesOutput) ToPromptVersionToolPropertiesOutput() PromptVersionToolPropertiesOutput { - return o -} - -func (o PromptVersionToolPropertiesOutput) ToPromptVersionToolPropertiesOutputWithContext(ctx context.Context) PromptVersionToolPropertiesOutput { - return o -} - -func (o PromptVersionToolPropertiesOutput) ToolSpec() PromptVersionToolSpecificationOutput { - return o.ApplyT(func(v PromptVersionToolProperties) PromptVersionToolSpecification { return v.ToolSpec }).(PromptVersionToolSpecificationOutput) -} - -type PromptVersionToolPropertiesArrayOutput struct{ *pulumi.OutputState } - -func (PromptVersionToolPropertiesArrayOutput) ElementType() reflect.Type { - return reflect.TypeOf((*[]PromptVersionToolProperties)(nil)).Elem() -} - -func (o PromptVersionToolPropertiesArrayOutput) ToPromptVersionToolPropertiesArrayOutput() PromptVersionToolPropertiesArrayOutput { - return o -} - -func (o PromptVersionToolPropertiesArrayOutput) ToPromptVersionToolPropertiesArrayOutputWithContext(ctx context.Context) PromptVersionToolPropertiesArrayOutput { - return o -} - -func (o PromptVersionToolPropertiesArrayOutput) Index(i pulumi.IntInput) PromptVersionToolPropertiesOutput { - return pulumi.All(o, i).ApplyT(func(vs []interface{}) PromptVersionToolProperties { - return vs[0].([]PromptVersionToolProperties)[vs[1].(int)] - }).(PromptVersionToolPropertiesOutput) -} - // Tool specification type PromptVersionToolSpecification struct { Description *string `pulumi:"description"` @@ -29581,15 +29966,19 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*KnowledgeBaseSupplementalDataStorageLocationArrayInput)(nil)).Elem(), KnowledgeBaseSupplementalDataStorageLocationArray{}) pulumi.RegisterInputType(reflect.TypeOf((*KnowledgeBaseVectorKnowledgeBaseConfigurationInput)(nil)).Elem(), KnowledgeBaseVectorKnowledgeBaseConfigurationArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*KnowledgeBaseVectorKnowledgeBaseConfigurationPtrInput)(nil)).Elem(), KnowledgeBaseVectorKnowledgeBaseConfigurationArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*PromptAdditionalModelRequestFieldsInput)(nil)).Elem(), PromptAdditionalModelRequestFieldsArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*PromptAdditionalModelRequestFieldsPtrInput)(nil)).Elem(), PromptAdditionalModelRequestFieldsArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*PromptAgentResourceInput)(nil)).Elem(), PromptAgentResourceArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*PromptAgentResourcePtrInput)(nil)).Elem(), PromptAgentResourceArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*PromptAnyToolChoiceInput)(nil)).Elem(), PromptAnyToolChoiceArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*PromptAnyToolChoicePtrInput)(nil)).Elem(), PromptAnyToolChoiceArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*PromptAutoToolChoiceInput)(nil)).Elem(), PromptAutoToolChoiceArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*PromptAutoToolChoicePtrInput)(nil)).Elem(), PromptAutoToolChoiceArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*PromptCachePointBlockInput)(nil)).Elem(), PromptCachePointBlockArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*PromptCachePointBlockPtrInput)(nil)).Elem(), PromptCachePointBlockArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*PromptChatPromptTemplateConfigurationInput)(nil)).Elem(), PromptChatPromptTemplateConfigurationArgs{}) - pulumi.RegisterInputType(reflect.TypeOf((*PromptContentBlockPropertiesInput)(nil)).Elem(), PromptContentBlockPropertiesArgs{}) - pulumi.RegisterInputType(reflect.TypeOf((*PromptContentBlockPropertiesArrayInput)(nil)).Elem(), PromptContentBlockPropertiesArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*PromptContentBlock0PropertiesInput)(nil)).Elem(), PromptContentBlock0PropertiesArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*PromptContentBlock1PropertiesInput)(nil)).Elem(), PromptContentBlock1PropertiesArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*PromptGenAiResourcePropertiesInput)(nil)).Elem(), PromptGenAiResourcePropertiesArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*PromptGenAiResourcePropertiesPtrInput)(nil)).Elem(), PromptGenAiResourcePropertiesArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*PromptInferenceConfigurationPropertiesInput)(nil)).Elem(), PromptInferenceConfigurationPropertiesArgs{}) @@ -29602,13 +29991,15 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*PromptModelInferenceConfigurationPtrInput)(nil)).Elem(), PromptModelInferenceConfigurationArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*PromptSpecificToolChoiceInput)(nil)).Elem(), PromptSpecificToolChoiceArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*PromptSpecificToolChoicePtrInput)(nil)).Elem(), PromptSpecificToolChoiceArgs{}) - pulumi.RegisterInputType(reflect.TypeOf((*PromptSystemContentBlockPropertiesInput)(nil)).Elem(), PromptSystemContentBlockPropertiesArgs{}) - pulumi.RegisterInputType(reflect.TypeOf((*PromptSystemContentBlockPropertiesArrayInput)(nil)).Elem(), PromptSystemContentBlockPropertiesArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*PromptSystemContentBlock0PropertiesInput)(nil)).Elem(), PromptSystemContentBlock0PropertiesArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*PromptSystemContentBlock1PropertiesInput)(nil)).Elem(), PromptSystemContentBlock1PropertiesArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*PromptTemplateConfiguration0PropertiesInput)(nil)).Elem(), PromptTemplateConfiguration0PropertiesArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*PromptTemplateConfiguration1PropertiesInput)(nil)).Elem(), PromptTemplateConfiguration1PropertiesArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*PromptTextPromptTemplateConfigurationInput)(nil)).Elem(), PromptTextPromptTemplateConfigurationArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*PromptTextS3LocationInput)(nil)).Elem(), PromptTextS3LocationArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*PromptTextS3LocationPtrInput)(nil)).Elem(), PromptTextS3LocationArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*PromptTool0PropertiesInput)(nil)).Elem(), PromptTool0PropertiesArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*PromptTool1PropertiesInput)(nil)).Elem(), PromptTool1PropertiesArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*PromptToolChoice0PropertiesInput)(nil)).Elem(), PromptToolChoice0PropertiesArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*PromptToolChoice0PropertiesPtrInput)(nil)).Elem(), PromptToolChoice0PropertiesArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*PromptToolChoice1PropertiesInput)(nil)).Elem(), PromptToolChoice1PropertiesArgs{}) @@ -29618,8 +30009,6 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*PromptToolConfigurationInput)(nil)).Elem(), PromptToolConfigurationArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*PromptToolConfigurationPtrInput)(nil)).Elem(), PromptToolConfigurationArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*PromptToolInputSchemaPropertiesInput)(nil)).Elem(), PromptToolInputSchemaPropertiesArgs{}) - pulumi.RegisterInputType(reflect.TypeOf((*PromptToolPropertiesInput)(nil)).Elem(), PromptToolPropertiesArgs{}) - pulumi.RegisterInputType(reflect.TypeOf((*PromptToolPropertiesArrayInput)(nil)).Elem(), PromptToolPropertiesArray{}) pulumi.RegisterInputType(reflect.TypeOf((*PromptToolSpecificationInput)(nil)).Elem(), PromptToolSpecificationArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*PromptVariantInput)(nil)).Elem(), PromptVariantArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*PromptVariantArrayInput)(nil)).Elem(), PromptVariantArray{}) @@ -30017,15 +30406,19 @@ func init() { pulumi.RegisterOutputType(KnowledgeBaseSupplementalDataStorageLocationArrayOutput{}) pulumi.RegisterOutputType(KnowledgeBaseVectorKnowledgeBaseConfigurationOutput{}) pulumi.RegisterOutputType(KnowledgeBaseVectorKnowledgeBaseConfigurationPtrOutput{}) + pulumi.RegisterOutputType(PromptAdditionalModelRequestFieldsOutput{}) + pulumi.RegisterOutputType(PromptAdditionalModelRequestFieldsPtrOutput{}) pulumi.RegisterOutputType(PromptAgentResourceOutput{}) pulumi.RegisterOutputType(PromptAgentResourcePtrOutput{}) pulumi.RegisterOutputType(PromptAnyToolChoiceOutput{}) pulumi.RegisterOutputType(PromptAnyToolChoicePtrOutput{}) pulumi.RegisterOutputType(PromptAutoToolChoiceOutput{}) pulumi.RegisterOutputType(PromptAutoToolChoicePtrOutput{}) + pulumi.RegisterOutputType(PromptCachePointBlockOutput{}) + pulumi.RegisterOutputType(PromptCachePointBlockPtrOutput{}) pulumi.RegisterOutputType(PromptChatPromptTemplateConfigurationOutput{}) - pulumi.RegisterOutputType(PromptContentBlockPropertiesOutput{}) - pulumi.RegisterOutputType(PromptContentBlockPropertiesArrayOutput{}) + pulumi.RegisterOutputType(PromptContentBlock0PropertiesOutput{}) + pulumi.RegisterOutputType(PromptContentBlock1PropertiesOutput{}) pulumi.RegisterOutputType(PromptGenAiResourcePropertiesOutput{}) pulumi.RegisterOutputType(PromptGenAiResourcePropertiesPtrOutput{}) pulumi.RegisterOutputType(PromptInferenceConfigurationPropertiesOutput{}) @@ -30038,13 +30431,15 @@ func init() { pulumi.RegisterOutputType(PromptModelInferenceConfigurationPtrOutput{}) pulumi.RegisterOutputType(PromptSpecificToolChoiceOutput{}) pulumi.RegisterOutputType(PromptSpecificToolChoicePtrOutput{}) - pulumi.RegisterOutputType(PromptSystemContentBlockPropertiesOutput{}) - pulumi.RegisterOutputType(PromptSystemContentBlockPropertiesArrayOutput{}) + pulumi.RegisterOutputType(PromptSystemContentBlock0PropertiesOutput{}) + pulumi.RegisterOutputType(PromptSystemContentBlock1PropertiesOutput{}) pulumi.RegisterOutputType(PromptTemplateConfiguration0PropertiesOutput{}) pulumi.RegisterOutputType(PromptTemplateConfiguration1PropertiesOutput{}) pulumi.RegisterOutputType(PromptTextPromptTemplateConfigurationOutput{}) pulumi.RegisterOutputType(PromptTextS3LocationOutput{}) pulumi.RegisterOutputType(PromptTextS3LocationPtrOutput{}) + pulumi.RegisterOutputType(PromptTool0PropertiesOutput{}) + pulumi.RegisterOutputType(PromptTool1PropertiesOutput{}) pulumi.RegisterOutputType(PromptToolChoice0PropertiesOutput{}) pulumi.RegisterOutputType(PromptToolChoice0PropertiesPtrOutput{}) pulumi.RegisterOutputType(PromptToolChoice1PropertiesOutput{}) @@ -30054,18 +30449,20 @@ func init() { pulumi.RegisterOutputType(PromptToolConfigurationOutput{}) pulumi.RegisterOutputType(PromptToolConfigurationPtrOutput{}) pulumi.RegisterOutputType(PromptToolInputSchemaPropertiesOutput{}) - pulumi.RegisterOutputType(PromptToolPropertiesOutput{}) - pulumi.RegisterOutputType(PromptToolPropertiesArrayOutput{}) pulumi.RegisterOutputType(PromptToolSpecificationOutput{}) pulumi.RegisterOutputType(PromptVariantOutput{}) pulumi.RegisterOutputType(PromptVariantArrayOutput{}) + pulumi.RegisterOutputType(PromptVersionAdditionalModelRequestFieldsOutput{}) + pulumi.RegisterOutputType(PromptVersionAdditionalModelRequestFieldsPtrOutput{}) pulumi.RegisterOutputType(PromptVersionAnyToolChoiceOutput{}) pulumi.RegisterOutputType(PromptVersionAnyToolChoicePtrOutput{}) pulumi.RegisterOutputType(PromptVersionAutoToolChoiceOutput{}) pulumi.RegisterOutputType(PromptVersionAutoToolChoicePtrOutput{}) + pulumi.RegisterOutputType(PromptVersionCachePointBlockOutput{}) + pulumi.RegisterOutputType(PromptVersionCachePointBlockPtrOutput{}) pulumi.RegisterOutputType(PromptVersionChatPromptTemplateConfigurationOutput{}) - pulumi.RegisterOutputType(PromptVersionContentBlockPropertiesOutput{}) - pulumi.RegisterOutputType(PromptVersionContentBlockPropertiesArrayOutput{}) + pulumi.RegisterOutputType(PromptVersionContentBlock0PropertiesOutput{}) + pulumi.RegisterOutputType(PromptVersionContentBlock1PropertiesOutput{}) pulumi.RegisterOutputType(PromptVersionMessageOutput{}) pulumi.RegisterOutputType(PromptVersionMessageArrayOutput{}) pulumi.RegisterOutputType(PromptVersionPromptAgentResourceOutput{}) @@ -30084,9 +30481,11 @@ func init() { pulumi.RegisterOutputType(PromptVersionPromptVariantArrayOutput{}) pulumi.RegisterOutputType(PromptVersionSpecificToolChoiceOutput{}) pulumi.RegisterOutputType(PromptVersionSpecificToolChoicePtrOutput{}) - pulumi.RegisterOutputType(PromptVersionSystemContentBlockPropertiesOutput{}) - pulumi.RegisterOutputType(PromptVersionSystemContentBlockPropertiesArrayOutput{}) + pulumi.RegisterOutputType(PromptVersionSystemContentBlock0PropertiesOutput{}) + pulumi.RegisterOutputType(PromptVersionSystemContentBlock1PropertiesOutput{}) pulumi.RegisterOutputType(PromptVersionTextPromptTemplateConfigurationOutput{}) + pulumi.RegisterOutputType(PromptVersionTool0PropertiesOutput{}) + pulumi.RegisterOutputType(PromptVersionTool1PropertiesOutput{}) pulumi.RegisterOutputType(PromptVersionToolChoice0PropertiesOutput{}) pulumi.RegisterOutputType(PromptVersionToolChoice0PropertiesPtrOutput{}) pulumi.RegisterOutputType(PromptVersionToolChoice1PropertiesOutput{}) @@ -30096,7 +30495,5 @@ func init() { pulumi.RegisterOutputType(PromptVersionToolConfigurationOutput{}) pulumi.RegisterOutputType(PromptVersionToolConfigurationPtrOutput{}) pulumi.RegisterOutputType(PromptVersionToolInputSchemaPropertiesOutput{}) - pulumi.RegisterOutputType(PromptVersionToolPropertiesOutput{}) - pulumi.RegisterOutputType(PromptVersionToolPropertiesArrayOutput{}) pulumi.RegisterOutputType(PromptVersionToolSpecificationOutput{}) } diff --git a/sdk/go/aws/cognito/getUserPoolDomain.go b/sdk/go/aws/cognito/getUserPoolDomain.go index 8cefb7b72e..5e31bc021b 100644 --- a/sdk/go/aws/cognito/getUserPoolDomain.go +++ b/sdk/go/aws/cognito/getUserPoolDomain.go @@ -23,8 +23,10 @@ func LookupUserPoolDomain(ctx *pulumi.Context, args *LookupUserPoolDomainArgs, o } type LookupUserPoolDomainArgs struct { - // The resource ID. - Id string `pulumi:"id"` + // The name of the domain that you want to update. For custom domains, this is the fully-qualified domain name, for example `auth.example.com` . For prefix domains, this is the prefix alone, such as `myprefix` . + Domain string `pulumi:"domain"` + // The ID of the user pool that is associated with the domain you're updating. + UserPoolId string `pulumi:"userPoolId"` } type LookupUserPoolDomainResult struct { @@ -34,10 +36,6 @@ type LookupUserPoolDomainResult struct { // // When you create a custom domain, the passkey RP ID defaults to the custom domain. If you had a prefix domain active, this will cause passkey integration for your prefix domain to stop working due to a mismatch in RP ID. To keep the prefix domain passkey integration working, you can explicitly set RP ID to the prefix domain. CustomDomainConfig *UserPoolDomainCustomDomainConfigType `pulumi:"customDomainConfig"` - // The resource ID. - Id *string `pulumi:"id"` - // A version number that indicates the state of managed login for your domain. Version `1` is hosted UI (classic). Version `2` is the newer managed login with the branding designer. For more information, see [Managed login](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-managed-login.html) . - ManagedLoginVersion *int `pulumi:"managedLoginVersion"` } func LookupUserPoolDomainOutput(ctx *pulumi.Context, args LookupUserPoolDomainOutputArgs, opts ...pulumi.InvokeOption) LookupUserPoolDomainResultOutput { @@ -50,8 +48,10 @@ func LookupUserPoolDomainOutput(ctx *pulumi.Context, args LookupUserPoolDomainOu } type LookupUserPoolDomainOutputArgs struct { - // The resource ID. - Id pulumi.StringInput `pulumi:"id"` + // The name of the domain that you want to update. For custom domains, this is the fully-qualified domain name, for example `auth.example.com` . For prefix domains, this is the prefix alone, such as `myprefix` . + Domain pulumi.StringInput `pulumi:"domain"` + // The ID of the user pool that is associated with the domain you're updating. + UserPoolId pulumi.StringInput `pulumi:"userPoolId"` } func (LookupUserPoolDomainOutputArgs) ElementType() reflect.Type { @@ -84,16 +84,6 @@ func (o LookupUserPoolDomainResultOutput) CustomDomainConfig() UserPoolDomainCus return o.ApplyT(func(v LookupUserPoolDomainResult) *UserPoolDomainCustomDomainConfigType { return v.CustomDomainConfig }).(UserPoolDomainCustomDomainConfigTypePtrOutput) } -// The resource ID. -func (o LookupUserPoolDomainResultOutput) Id() pulumi.StringPtrOutput { - return o.ApplyT(func(v LookupUserPoolDomainResult) *string { return v.Id }).(pulumi.StringPtrOutput) -} - -// A version number that indicates the state of managed login for your domain. Version `1` is hosted UI (classic). Version `2` is the newer managed login with the branding designer. For more information, see [Managed login](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-managed-login.html) . -func (o LookupUserPoolDomainResultOutput) ManagedLoginVersion() pulumi.IntPtrOutput { - return o.ApplyT(func(v LookupUserPoolDomainResult) *int { return v.ManagedLoginVersion }).(pulumi.IntPtrOutput) -} - func init() { pulumi.RegisterOutputType(LookupUserPoolDomainResultOutput{}) } diff --git a/sdk/go/aws/cognito/userPoolDomain.go b/sdk/go/aws/cognito/userPoolDomain.go index 3b3f55bc75..01f3e233bb 100644 --- a/sdk/go/aws/cognito/userPoolDomain.go +++ b/sdk/go/aws/cognito/userPoolDomain.go @@ -16,8 +16,6 @@ import ( type UserPoolDomain struct { pulumi.CustomResourceState - // The resource ID. - AwsId pulumi.StringOutput `pulumi:"awsId"` // The Amazon CloudFront endpoint that you use as the target of the alias that you set up with your Domain Name Service (DNS) provider. CloudFrontDistribution pulumi.StringOutput `pulumi:"cloudFrontDistribution"` // The configuration for a custom domain that hosts the sign-up and sign-in pages for your application. Use this object to specify an SSL certificate that is managed by ACM. @@ -146,11 +144,6 @@ func (o UserPoolDomainOutput) ToUserPoolDomainOutputWithContext(ctx context.Cont return o } -// The resource ID. -func (o UserPoolDomainOutput) AwsId() pulumi.StringOutput { - return o.ApplyT(func(v *UserPoolDomain) pulumi.StringOutput { return v.AwsId }).(pulumi.StringOutput) -} - // The Amazon CloudFront endpoint that you use as the target of the alias that you set up with your Domain Name Service (DNS) provider. func (o UserPoolDomainOutput) CloudFrontDistribution() pulumi.StringOutput { return o.ApplyT(func(v *UserPoolDomain) pulumi.StringOutput { return v.CloudFrontDistribution }).(pulumi.StringOutput) diff --git a/sdk/go/aws/connect/contactFlowVersion.go b/sdk/go/aws/connect/contactFlowVersion.go new file mode 100644 index 0000000000..f4207be54b --- /dev/null +++ b/sdk/go/aws/connect/contactFlowVersion.go @@ -0,0 +1,158 @@ +// Code generated by pulumi-language-go DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package connect + +import ( + "context" + "reflect" + + "errors" + "github.com/pulumi/pulumi-aws-native/sdk/go/aws/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// Resource Type Definition for ContactFlowVersion +type ContactFlowVersion struct { + pulumi.CustomResourceState + + // The ARN of the contact flow this version is tied to. + ContactFlowId pulumi.StringOutput `pulumi:"contactFlowId"` + // The identifier of the contact flow version (ARN). + ContactFlowVersionArn pulumi.StringOutput `pulumi:"contactFlowVersionArn"` + // The description of the version. + Description pulumi.StringPtrOutput `pulumi:"description"` + // Indicates the checksum value of the latest published flow content + FlowContentSha256 pulumi.StringOutput `pulumi:"flowContentSha256"` + // The version number of this revision + Version pulumi.IntOutput `pulumi:"version"` +} + +// NewContactFlowVersion registers a new resource with the given unique name, arguments, and options. +func NewContactFlowVersion(ctx *pulumi.Context, + name string, args *ContactFlowVersionArgs, opts ...pulumi.ResourceOption) (*ContactFlowVersion, error) { + if args == nil { + return nil, errors.New("missing one or more required arguments") + } + + if args.ContactFlowId == nil { + return nil, errors.New("invalid value for required argument 'ContactFlowId'") + } + replaceOnChanges := pulumi.ReplaceOnChanges([]string{ + "contactFlowId", + "description", + }) + opts = append(opts, replaceOnChanges) + opts = internal.PkgResourceDefaultOpts(opts) + var resource ContactFlowVersion + err := ctx.RegisterResource("aws-native:connect:ContactFlowVersion", name, args, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// GetContactFlowVersion gets an existing ContactFlowVersion resource's state with the given name, ID, and optional +// state properties that are used to uniquely qualify the lookup (nil if not required). +func GetContactFlowVersion(ctx *pulumi.Context, + name string, id pulumi.IDInput, state *ContactFlowVersionState, opts ...pulumi.ResourceOption) (*ContactFlowVersion, error) { + var resource ContactFlowVersion + err := ctx.ReadResource("aws-native:connect:ContactFlowVersion", name, id, state, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// Input properties used for looking up and filtering ContactFlowVersion resources. +type contactFlowVersionState struct { +} + +type ContactFlowVersionState struct { +} + +func (ContactFlowVersionState) ElementType() reflect.Type { + return reflect.TypeOf((*contactFlowVersionState)(nil)).Elem() +} + +type contactFlowVersionArgs struct { + // The ARN of the contact flow this version is tied to. + ContactFlowId string `pulumi:"contactFlowId"` + // The description of the version. + Description *string `pulumi:"description"` +} + +// The set of arguments for constructing a ContactFlowVersion resource. +type ContactFlowVersionArgs struct { + // The ARN of the contact flow this version is tied to. + ContactFlowId pulumi.StringInput + // The description of the version. + Description pulumi.StringPtrInput +} + +func (ContactFlowVersionArgs) ElementType() reflect.Type { + return reflect.TypeOf((*contactFlowVersionArgs)(nil)).Elem() +} + +type ContactFlowVersionInput interface { + pulumi.Input + + ToContactFlowVersionOutput() ContactFlowVersionOutput + ToContactFlowVersionOutputWithContext(ctx context.Context) ContactFlowVersionOutput +} + +func (*ContactFlowVersion) ElementType() reflect.Type { + return reflect.TypeOf((**ContactFlowVersion)(nil)).Elem() +} + +func (i *ContactFlowVersion) ToContactFlowVersionOutput() ContactFlowVersionOutput { + return i.ToContactFlowVersionOutputWithContext(context.Background()) +} + +func (i *ContactFlowVersion) ToContactFlowVersionOutputWithContext(ctx context.Context) ContactFlowVersionOutput { + return pulumi.ToOutputWithContext(ctx, i).(ContactFlowVersionOutput) +} + +type ContactFlowVersionOutput struct{ *pulumi.OutputState } + +func (ContactFlowVersionOutput) ElementType() reflect.Type { + return reflect.TypeOf((**ContactFlowVersion)(nil)).Elem() +} + +func (o ContactFlowVersionOutput) ToContactFlowVersionOutput() ContactFlowVersionOutput { + return o +} + +func (o ContactFlowVersionOutput) ToContactFlowVersionOutputWithContext(ctx context.Context) ContactFlowVersionOutput { + return o +} + +// The ARN of the contact flow this version is tied to. +func (o ContactFlowVersionOutput) ContactFlowId() pulumi.StringOutput { + return o.ApplyT(func(v *ContactFlowVersion) pulumi.StringOutput { return v.ContactFlowId }).(pulumi.StringOutput) +} + +// The identifier of the contact flow version (ARN). +func (o ContactFlowVersionOutput) ContactFlowVersionArn() pulumi.StringOutput { + return o.ApplyT(func(v *ContactFlowVersion) pulumi.StringOutput { return v.ContactFlowVersionArn }).(pulumi.StringOutput) +} + +// The description of the version. +func (o ContactFlowVersionOutput) Description() pulumi.StringPtrOutput { + return o.ApplyT(func(v *ContactFlowVersion) pulumi.StringPtrOutput { return v.Description }).(pulumi.StringPtrOutput) +} + +// Indicates the checksum value of the latest published flow content +func (o ContactFlowVersionOutput) FlowContentSha256() pulumi.StringOutput { + return o.ApplyT(func(v *ContactFlowVersion) pulumi.StringOutput { return v.FlowContentSha256 }).(pulumi.StringOutput) +} + +// The version number of this revision +func (o ContactFlowVersionOutput) Version() pulumi.IntOutput { + return o.ApplyT(func(v *ContactFlowVersion) pulumi.IntOutput { return v.Version }).(pulumi.IntOutput) +} + +func init() { + pulumi.RegisterInputType(reflect.TypeOf((*ContactFlowVersionInput)(nil)).Elem(), &ContactFlowVersion{}) + pulumi.RegisterOutputType(ContactFlowVersionOutput{}) +} diff --git a/sdk/go/aws/connect/getContactFlowVersion.go b/sdk/go/aws/connect/getContactFlowVersion.go new file mode 100644 index 0000000000..c6c0b3d86d --- /dev/null +++ b/sdk/go/aws/connect/getContactFlowVersion.go @@ -0,0 +1,88 @@ +// Code generated by pulumi-language-go DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package connect + +import ( + "context" + "reflect" + + "github.com/pulumi/pulumi-aws-native/sdk/go/aws/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// Resource Type Definition for ContactFlowVersion +func LookupContactFlowVersion(ctx *pulumi.Context, args *LookupContactFlowVersionArgs, opts ...pulumi.InvokeOption) (*LookupContactFlowVersionResult, error) { + opts = internal.PkgInvokeDefaultOpts(opts) + var rv LookupContactFlowVersionResult + err := ctx.Invoke("aws-native:connect:getContactFlowVersion", args, &rv, opts...) + if err != nil { + return nil, err + } + return &rv, nil +} + +type LookupContactFlowVersionArgs struct { + // The identifier of the contact flow version (ARN). + ContactFlowVersionArn string `pulumi:"contactFlowVersionArn"` +} + +type LookupContactFlowVersionResult struct { + // The identifier of the contact flow version (ARN). + ContactFlowVersionArn *string `pulumi:"contactFlowVersionArn"` + // Indicates the checksum value of the latest published flow content + FlowContentSha256 *string `pulumi:"flowContentSha256"` + // The version number of this revision + Version *int `pulumi:"version"` +} + +func LookupContactFlowVersionOutput(ctx *pulumi.Context, args LookupContactFlowVersionOutputArgs, opts ...pulumi.InvokeOption) LookupContactFlowVersionResultOutput { + return pulumi.ToOutputWithContext(ctx.Context(), args). + ApplyT(func(v interface{}) (LookupContactFlowVersionResultOutput, error) { + args := v.(LookupContactFlowVersionArgs) + options := pulumi.InvokeOutputOptions{InvokeOptions: internal.PkgInvokeDefaultOpts(opts)} + return ctx.InvokeOutput("aws-native:connect:getContactFlowVersion", args, LookupContactFlowVersionResultOutput{}, options).(LookupContactFlowVersionResultOutput), nil + }).(LookupContactFlowVersionResultOutput) +} + +type LookupContactFlowVersionOutputArgs struct { + // The identifier of the contact flow version (ARN). + ContactFlowVersionArn pulumi.StringInput `pulumi:"contactFlowVersionArn"` +} + +func (LookupContactFlowVersionOutputArgs) ElementType() reflect.Type { + return reflect.TypeOf((*LookupContactFlowVersionArgs)(nil)).Elem() +} + +type LookupContactFlowVersionResultOutput struct{ *pulumi.OutputState } + +func (LookupContactFlowVersionResultOutput) ElementType() reflect.Type { + return reflect.TypeOf((*LookupContactFlowVersionResult)(nil)).Elem() +} + +func (o LookupContactFlowVersionResultOutput) ToLookupContactFlowVersionResultOutput() LookupContactFlowVersionResultOutput { + return o +} + +func (o LookupContactFlowVersionResultOutput) ToLookupContactFlowVersionResultOutputWithContext(ctx context.Context) LookupContactFlowVersionResultOutput { + return o +} + +// The identifier of the contact flow version (ARN). +func (o LookupContactFlowVersionResultOutput) ContactFlowVersionArn() pulumi.StringPtrOutput { + return o.ApplyT(func(v LookupContactFlowVersionResult) *string { return v.ContactFlowVersionArn }).(pulumi.StringPtrOutput) +} + +// Indicates the checksum value of the latest published flow content +func (o LookupContactFlowVersionResultOutput) FlowContentSha256() pulumi.StringPtrOutput { + return o.ApplyT(func(v LookupContactFlowVersionResult) *string { return v.FlowContentSha256 }).(pulumi.StringPtrOutput) +} + +// The version number of this revision +func (o LookupContactFlowVersionResultOutput) Version() pulumi.IntPtrOutput { + return o.ApplyT(func(v LookupContactFlowVersionResult) *int { return v.Version }).(pulumi.IntPtrOutput) +} + +func init() { + pulumi.RegisterOutputType(LookupContactFlowVersionResultOutput{}) +} diff --git a/sdk/go/aws/connect/init.go b/sdk/go/aws/connect/init.go index 2939342684..3da4738283 100644 --- a/sdk/go/aws/connect/init.go +++ b/sdk/go/aws/connect/init.go @@ -29,6 +29,8 @@ func (m *module) Construct(ctx *pulumi.Context, name, typ, urn string) (r pulumi r = &ContactFlow{} case "aws-native:connect:ContactFlowModule": r = &ContactFlowModule{} + case "aws-native:connect:ContactFlowVersion": + r = &ContactFlowVersion{} case "aws-native:connect:EmailAddress": r = &EmailAddress{} case "aws-native:connect:EvaluationForm": diff --git a/sdk/go/aws/datasync/getLocationSmb.go b/sdk/go/aws/datasync/getLocationSmb.go index 54b30bb19c..20d9c93109 100644 --- a/sdk/go/aws/datasync/getLocationSmb.go +++ b/sdk/go/aws/datasync/getLocationSmb.go @@ -31,8 +31,14 @@ type LookupLocationSmbArgs struct { type LookupLocationSmbResult struct { // The Amazon Resource Names (ARNs) of agents to use for a Simple Message Block (SMB) location. AgentArns []string `pulumi:"agentArns"` + // The authentication mode used to determine identity of user. + AuthenticationType *LocationSmbAuthenticationType `pulumi:"authenticationType"` + // Specifies the IPv4 addresses for the DNS servers that your SMB file server belongs to. This parameter applies only if AuthenticationType is set to KERBEROS. If you have multiple domains in your environment, configuring this parameter makes sure that DataSync connects to the right SMB file server. + DnsIpAddresses []string `pulumi:"dnsIpAddresses"` // The name of the Windows domain that the SMB server belongs to. Domain *string `pulumi:"domain"` + // Specifies a service principal name (SPN), which is an identity in your Kerberos realm that has permission to access the files, folders, and file metadata in your SMB file server. SPNs are case sensitive and must include a prepended cifs/. For example, an SPN might look like cifs/kerberosuser@EXAMPLE.COM. Your task execution will fail if the SPN that you provide for this parameter doesn't match exactly what's in your keytab or krb5.conf files. + KerberosPrincipal *string `pulumi:"kerberosPrincipal"` // The Amazon Resource Name (ARN) of the SMB location that is created. LocationArn *string `pulumi:"locationArn"` // The URL of the SMB location that was described. @@ -82,11 +88,26 @@ func (o LookupLocationSmbResultOutput) AgentArns() pulumi.StringArrayOutput { return o.ApplyT(func(v LookupLocationSmbResult) []string { return v.AgentArns }).(pulumi.StringArrayOutput) } +// The authentication mode used to determine identity of user. +func (o LookupLocationSmbResultOutput) AuthenticationType() LocationSmbAuthenticationTypePtrOutput { + return o.ApplyT(func(v LookupLocationSmbResult) *LocationSmbAuthenticationType { return v.AuthenticationType }).(LocationSmbAuthenticationTypePtrOutput) +} + +// Specifies the IPv4 addresses for the DNS servers that your SMB file server belongs to. This parameter applies only if AuthenticationType is set to KERBEROS. If you have multiple domains in your environment, configuring this parameter makes sure that DataSync connects to the right SMB file server. +func (o LookupLocationSmbResultOutput) DnsIpAddresses() pulumi.StringArrayOutput { + return o.ApplyT(func(v LookupLocationSmbResult) []string { return v.DnsIpAddresses }).(pulumi.StringArrayOutput) +} + // The name of the Windows domain that the SMB server belongs to. func (o LookupLocationSmbResultOutput) Domain() pulumi.StringPtrOutput { return o.ApplyT(func(v LookupLocationSmbResult) *string { return v.Domain }).(pulumi.StringPtrOutput) } +// Specifies a service principal name (SPN), which is an identity in your Kerberos realm that has permission to access the files, folders, and file metadata in your SMB file server. SPNs are case sensitive and must include a prepended cifs/. For example, an SPN might look like cifs/kerberosuser@EXAMPLE.COM. Your task execution will fail if the SPN that you provide for this parameter doesn't match exactly what's in your keytab or krb5.conf files. +func (o LookupLocationSmbResultOutput) KerberosPrincipal() pulumi.StringPtrOutput { + return o.ApplyT(func(v LookupLocationSmbResult) *string { return v.KerberosPrincipal }).(pulumi.StringPtrOutput) +} + // The Amazon Resource Name (ARN) of the SMB location that is created. func (o LookupLocationSmbResultOutput) LocationArn() pulumi.StringPtrOutput { return o.ApplyT(func(v LookupLocationSmbResult) *string { return v.LocationArn }).(pulumi.StringPtrOutput) diff --git a/sdk/go/aws/datasync/locationSmb.go b/sdk/go/aws/datasync/locationSmb.go index b95bde02a1..2394a48932 100644 --- a/sdk/go/aws/datasync/locationSmb.go +++ b/sdk/go/aws/datasync/locationSmb.go @@ -19,8 +19,18 @@ type LocationSmb struct { // The Amazon Resource Names (ARNs) of agents to use for a Simple Message Block (SMB) location. AgentArns pulumi.StringArrayOutput `pulumi:"agentArns"` + // The authentication mode used to determine identity of user. + AuthenticationType LocationSmbAuthenticationTypePtrOutput `pulumi:"authenticationType"` + // Specifies the IPv4 addresses for the DNS servers that your SMB file server belongs to. This parameter applies only if AuthenticationType is set to KERBEROS. If you have multiple domains in your environment, configuring this parameter makes sure that DataSync connects to the right SMB file server. + DnsIpAddresses pulumi.StringArrayOutput `pulumi:"dnsIpAddresses"` // The name of the Windows domain that the SMB server belongs to. Domain pulumi.StringPtrOutput `pulumi:"domain"` + // The Base64 string representation of the Keytab file. Specifies your Kerberos key table (keytab) file, which includes mappings between your service principal name (SPN) and encryption keys. To avoid task execution errors, make sure that the SPN in the keytab file matches exactly what you specify for KerberosPrincipal and in your krb5.conf file. + KerberosKeytab pulumi.StringPtrOutput `pulumi:"kerberosKeytab"` + // The string representation of the Krb5Conf file, or the presigned URL to access the Krb5.conf file within an S3 bucket. Specifies a Kerberos configuration file (krb5.conf) that defines your Kerberos realm configuration. To avoid task execution errors, make sure that the service principal name (SPN) in the krb5.conf file matches exactly what you specify for KerberosPrincipal and in your keytab file. + KerberosKrb5Conf pulumi.StringPtrOutput `pulumi:"kerberosKrb5Conf"` + // Specifies a service principal name (SPN), which is an identity in your Kerberos realm that has permission to access the files, folders, and file metadata in your SMB file server. SPNs are case sensitive and must include a prepended cifs/. For example, an SPN might look like cifs/kerberosuser@EXAMPLE.COM. Your task execution will fail if the SPN that you provide for this parameter doesn't match exactly what's in your keytab or krb5.conf files. + KerberosPrincipal pulumi.StringPtrOutput `pulumi:"kerberosPrincipal"` // The Amazon Resource Name (ARN) of the SMB location that is created. LocationArn pulumi.StringOutput `pulumi:"locationArn"` // The URL of the SMB location that was described. @@ -36,7 +46,7 @@ type LocationSmb struct { // An array of key-value pairs to apply to this resource. Tags aws.TagArrayOutput `pulumi:"tags"` // The user who can mount the share, has the permissions to access files and folders in the SMB share. - User pulumi.StringOutput `pulumi:"user"` + User pulumi.StringPtrOutput `pulumi:"user"` } // NewLocationSmb registers a new resource with the given unique name, arguments, and options. @@ -49,13 +59,6 @@ func NewLocationSmb(ctx *pulumi.Context, if args.AgentArns == nil { return nil, errors.New("invalid value for required argument 'AgentArns'") } - if args.User == nil { - return nil, errors.New("invalid value for required argument 'User'") - } - replaceOnChanges := pulumi.ReplaceOnChanges([]string{ - "serverHostname", - }) - opts = append(opts, replaceOnChanges) opts = internal.PkgResourceDefaultOpts(opts) var resource LocationSmb err := ctx.RegisterResource("aws-native:datasync:LocationSmb", name, args, &resource, opts...) @@ -91,8 +94,18 @@ func (LocationSmbState) ElementType() reflect.Type { type locationSmbArgs struct { // The Amazon Resource Names (ARNs) of agents to use for a Simple Message Block (SMB) location. AgentArns []string `pulumi:"agentArns"` + // The authentication mode used to determine identity of user. + AuthenticationType *LocationSmbAuthenticationType `pulumi:"authenticationType"` + // Specifies the IPv4 addresses for the DNS servers that your SMB file server belongs to. This parameter applies only if AuthenticationType is set to KERBEROS. If you have multiple domains in your environment, configuring this parameter makes sure that DataSync connects to the right SMB file server. + DnsIpAddresses []string `pulumi:"dnsIpAddresses"` // The name of the Windows domain that the SMB server belongs to. Domain *string `pulumi:"domain"` + // The Base64 string representation of the Keytab file. Specifies your Kerberos key table (keytab) file, which includes mappings between your service principal name (SPN) and encryption keys. To avoid task execution errors, make sure that the SPN in the keytab file matches exactly what you specify for KerberosPrincipal and in your krb5.conf file. + KerberosKeytab *string `pulumi:"kerberosKeytab"` + // The string representation of the Krb5Conf file, or the presigned URL to access the Krb5.conf file within an S3 bucket. Specifies a Kerberos configuration file (krb5.conf) that defines your Kerberos realm configuration. To avoid task execution errors, make sure that the service principal name (SPN) in the krb5.conf file matches exactly what you specify for KerberosPrincipal and in your keytab file. + KerberosKrb5Conf *string `pulumi:"kerberosKrb5Conf"` + // Specifies a service principal name (SPN), which is an identity in your Kerberos realm that has permission to access the files, folders, and file metadata in your SMB file server. SPNs are case sensitive and must include a prepended cifs/. For example, an SPN might look like cifs/kerberosuser@EXAMPLE.COM. Your task execution will fail if the SPN that you provide for this parameter doesn't match exactly what's in your keytab or krb5.conf files. + KerberosPrincipal *string `pulumi:"kerberosPrincipal"` // Specifies the version of the SMB protocol that DataSync uses to access your SMB file server. MountOptions *LocationSmbMountOptions `pulumi:"mountOptions"` // The password of the user who can mount the share and has the permissions to access files and folders in the SMB share. @@ -104,15 +117,25 @@ type locationSmbArgs struct { // An array of key-value pairs to apply to this resource. Tags []aws.Tag `pulumi:"tags"` // The user who can mount the share, has the permissions to access files and folders in the SMB share. - User string `pulumi:"user"` + User *string `pulumi:"user"` } // The set of arguments for constructing a LocationSmb resource. type LocationSmbArgs struct { // The Amazon Resource Names (ARNs) of agents to use for a Simple Message Block (SMB) location. AgentArns pulumi.StringArrayInput + // The authentication mode used to determine identity of user. + AuthenticationType LocationSmbAuthenticationTypePtrInput + // Specifies the IPv4 addresses for the DNS servers that your SMB file server belongs to. This parameter applies only if AuthenticationType is set to KERBEROS. If you have multiple domains in your environment, configuring this parameter makes sure that DataSync connects to the right SMB file server. + DnsIpAddresses pulumi.StringArrayInput // The name of the Windows domain that the SMB server belongs to. Domain pulumi.StringPtrInput + // The Base64 string representation of the Keytab file. Specifies your Kerberos key table (keytab) file, which includes mappings between your service principal name (SPN) and encryption keys. To avoid task execution errors, make sure that the SPN in the keytab file matches exactly what you specify for KerberosPrincipal and in your krb5.conf file. + KerberosKeytab pulumi.StringPtrInput + // The string representation of the Krb5Conf file, or the presigned URL to access the Krb5.conf file within an S3 bucket. Specifies a Kerberos configuration file (krb5.conf) that defines your Kerberos realm configuration. To avoid task execution errors, make sure that the service principal name (SPN) in the krb5.conf file matches exactly what you specify for KerberosPrincipal and in your keytab file. + KerberosKrb5Conf pulumi.StringPtrInput + // Specifies a service principal name (SPN), which is an identity in your Kerberos realm that has permission to access the files, folders, and file metadata in your SMB file server. SPNs are case sensitive and must include a prepended cifs/. For example, an SPN might look like cifs/kerberosuser@EXAMPLE.COM. Your task execution will fail if the SPN that you provide for this parameter doesn't match exactly what's in your keytab or krb5.conf files. + KerberosPrincipal pulumi.StringPtrInput // Specifies the version of the SMB protocol that DataSync uses to access your SMB file server. MountOptions LocationSmbMountOptionsPtrInput // The password of the user who can mount the share and has the permissions to access files and folders in the SMB share. @@ -124,7 +147,7 @@ type LocationSmbArgs struct { // An array of key-value pairs to apply to this resource. Tags aws.TagArrayInput // The user who can mount the share, has the permissions to access files and folders in the SMB share. - User pulumi.StringInput + User pulumi.StringPtrInput } func (LocationSmbArgs) ElementType() reflect.Type { @@ -169,11 +192,36 @@ func (o LocationSmbOutput) AgentArns() pulumi.StringArrayOutput { return o.ApplyT(func(v *LocationSmb) pulumi.StringArrayOutput { return v.AgentArns }).(pulumi.StringArrayOutput) } +// The authentication mode used to determine identity of user. +func (o LocationSmbOutput) AuthenticationType() LocationSmbAuthenticationTypePtrOutput { + return o.ApplyT(func(v *LocationSmb) LocationSmbAuthenticationTypePtrOutput { return v.AuthenticationType }).(LocationSmbAuthenticationTypePtrOutput) +} + +// Specifies the IPv4 addresses for the DNS servers that your SMB file server belongs to. This parameter applies only if AuthenticationType is set to KERBEROS. If you have multiple domains in your environment, configuring this parameter makes sure that DataSync connects to the right SMB file server. +func (o LocationSmbOutput) DnsIpAddresses() pulumi.StringArrayOutput { + return o.ApplyT(func(v *LocationSmb) pulumi.StringArrayOutput { return v.DnsIpAddresses }).(pulumi.StringArrayOutput) +} + // The name of the Windows domain that the SMB server belongs to. func (o LocationSmbOutput) Domain() pulumi.StringPtrOutput { return o.ApplyT(func(v *LocationSmb) pulumi.StringPtrOutput { return v.Domain }).(pulumi.StringPtrOutput) } +// The Base64 string representation of the Keytab file. Specifies your Kerberos key table (keytab) file, which includes mappings between your service principal name (SPN) and encryption keys. To avoid task execution errors, make sure that the SPN in the keytab file matches exactly what you specify for KerberosPrincipal and in your krb5.conf file. +func (o LocationSmbOutput) KerberosKeytab() pulumi.StringPtrOutput { + return o.ApplyT(func(v *LocationSmb) pulumi.StringPtrOutput { return v.KerberosKeytab }).(pulumi.StringPtrOutput) +} + +// The string representation of the Krb5Conf file, or the presigned URL to access the Krb5.conf file within an S3 bucket. Specifies a Kerberos configuration file (krb5.conf) that defines your Kerberos realm configuration. To avoid task execution errors, make sure that the service principal name (SPN) in the krb5.conf file matches exactly what you specify for KerberosPrincipal and in your keytab file. +func (o LocationSmbOutput) KerberosKrb5Conf() pulumi.StringPtrOutput { + return o.ApplyT(func(v *LocationSmb) pulumi.StringPtrOutput { return v.KerberosKrb5Conf }).(pulumi.StringPtrOutput) +} + +// Specifies a service principal name (SPN), which is an identity in your Kerberos realm that has permission to access the files, folders, and file metadata in your SMB file server. SPNs are case sensitive and must include a prepended cifs/. For example, an SPN might look like cifs/kerberosuser@EXAMPLE.COM. Your task execution will fail if the SPN that you provide for this parameter doesn't match exactly what's in your keytab or krb5.conf files. +func (o LocationSmbOutput) KerberosPrincipal() pulumi.StringPtrOutput { + return o.ApplyT(func(v *LocationSmb) pulumi.StringPtrOutput { return v.KerberosPrincipal }).(pulumi.StringPtrOutput) +} + // The Amazon Resource Name (ARN) of the SMB location that is created. func (o LocationSmbOutput) LocationArn() pulumi.StringOutput { return o.ApplyT(func(v *LocationSmb) pulumi.StringOutput { return v.LocationArn }).(pulumi.StringOutput) @@ -210,8 +258,8 @@ func (o LocationSmbOutput) Tags() aws.TagArrayOutput { } // The user who can mount the share, has the permissions to access files and folders in the SMB share. -func (o LocationSmbOutput) User() pulumi.StringOutput { - return o.ApplyT(func(v *LocationSmb) pulumi.StringOutput { return v.User }).(pulumi.StringOutput) +func (o LocationSmbOutput) User() pulumi.StringPtrOutput { + return o.ApplyT(func(v *LocationSmb) pulumi.StringPtrOutput { return v.User }).(pulumi.StringPtrOutput) } func init() { diff --git a/sdk/go/aws/datasync/pulumiEnums.go b/sdk/go/aws/datasync/pulumiEnums.go index 1e833315dd..dcaed11320 100644 --- a/sdk/go/aws/datasync/pulumiEnums.go +++ b/sdk/go/aws/datasync/pulumiEnums.go @@ -2290,6 +2290,172 @@ func (in *locationS3S3StorageClassPtr) ToLocationS3S3StorageClassPtrOutputWithCo return pulumi.ToOutputWithContext(ctx, in).(LocationS3S3StorageClassPtrOutput) } +// The authentication mode used to determine identity of user. +type LocationSmbAuthenticationType string + +const ( + LocationSmbAuthenticationTypeNtlm = LocationSmbAuthenticationType("NTLM") + LocationSmbAuthenticationTypeKerberos = LocationSmbAuthenticationType("KERBEROS") +) + +func (LocationSmbAuthenticationType) ElementType() reflect.Type { + return reflect.TypeOf((*LocationSmbAuthenticationType)(nil)).Elem() +} + +func (e LocationSmbAuthenticationType) ToLocationSmbAuthenticationTypeOutput() LocationSmbAuthenticationTypeOutput { + return pulumi.ToOutput(e).(LocationSmbAuthenticationTypeOutput) +} + +func (e LocationSmbAuthenticationType) ToLocationSmbAuthenticationTypeOutputWithContext(ctx context.Context) LocationSmbAuthenticationTypeOutput { + return pulumi.ToOutputWithContext(ctx, e).(LocationSmbAuthenticationTypeOutput) +} + +func (e LocationSmbAuthenticationType) ToLocationSmbAuthenticationTypePtrOutput() LocationSmbAuthenticationTypePtrOutput { + return e.ToLocationSmbAuthenticationTypePtrOutputWithContext(context.Background()) +} + +func (e LocationSmbAuthenticationType) ToLocationSmbAuthenticationTypePtrOutputWithContext(ctx context.Context) LocationSmbAuthenticationTypePtrOutput { + return LocationSmbAuthenticationType(e).ToLocationSmbAuthenticationTypeOutputWithContext(ctx).ToLocationSmbAuthenticationTypePtrOutputWithContext(ctx) +} + +func (e LocationSmbAuthenticationType) ToStringOutput() pulumi.StringOutput { + return pulumi.ToOutput(pulumi.String(e)).(pulumi.StringOutput) +} + +func (e LocationSmbAuthenticationType) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput { + return pulumi.ToOutputWithContext(ctx, pulumi.String(e)).(pulumi.StringOutput) +} + +func (e LocationSmbAuthenticationType) ToStringPtrOutput() pulumi.StringPtrOutput { + return pulumi.String(e).ToStringPtrOutputWithContext(context.Background()) +} + +func (e LocationSmbAuthenticationType) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput { + return pulumi.String(e).ToStringOutputWithContext(ctx).ToStringPtrOutputWithContext(ctx) +} + +type LocationSmbAuthenticationTypeOutput struct{ *pulumi.OutputState } + +func (LocationSmbAuthenticationTypeOutput) ElementType() reflect.Type { + return reflect.TypeOf((*LocationSmbAuthenticationType)(nil)).Elem() +} + +func (o LocationSmbAuthenticationTypeOutput) ToLocationSmbAuthenticationTypeOutput() LocationSmbAuthenticationTypeOutput { + return o +} + +func (o LocationSmbAuthenticationTypeOutput) ToLocationSmbAuthenticationTypeOutputWithContext(ctx context.Context) LocationSmbAuthenticationTypeOutput { + return o +} + +func (o LocationSmbAuthenticationTypeOutput) ToLocationSmbAuthenticationTypePtrOutput() LocationSmbAuthenticationTypePtrOutput { + return o.ToLocationSmbAuthenticationTypePtrOutputWithContext(context.Background()) +} + +func (o LocationSmbAuthenticationTypeOutput) ToLocationSmbAuthenticationTypePtrOutputWithContext(ctx context.Context) LocationSmbAuthenticationTypePtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v LocationSmbAuthenticationType) *LocationSmbAuthenticationType { + return &v + }).(LocationSmbAuthenticationTypePtrOutput) +} + +func (o LocationSmbAuthenticationTypeOutput) ToStringOutput() pulumi.StringOutput { + return o.ToStringOutputWithContext(context.Background()) +} + +func (o LocationSmbAuthenticationTypeOutput) ToStringOutputWithContext(ctx context.Context) pulumi.StringOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, e LocationSmbAuthenticationType) string { + return string(e) + }).(pulumi.StringOutput) +} + +func (o LocationSmbAuthenticationTypeOutput) ToStringPtrOutput() pulumi.StringPtrOutput { + return o.ToStringPtrOutputWithContext(context.Background()) +} + +func (o LocationSmbAuthenticationTypeOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, e LocationSmbAuthenticationType) *string { + v := string(e) + return &v + }).(pulumi.StringPtrOutput) +} + +type LocationSmbAuthenticationTypePtrOutput struct{ *pulumi.OutputState } + +func (LocationSmbAuthenticationTypePtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**LocationSmbAuthenticationType)(nil)).Elem() +} + +func (o LocationSmbAuthenticationTypePtrOutput) ToLocationSmbAuthenticationTypePtrOutput() LocationSmbAuthenticationTypePtrOutput { + return o +} + +func (o LocationSmbAuthenticationTypePtrOutput) ToLocationSmbAuthenticationTypePtrOutputWithContext(ctx context.Context) LocationSmbAuthenticationTypePtrOutput { + return o +} + +func (o LocationSmbAuthenticationTypePtrOutput) Elem() LocationSmbAuthenticationTypeOutput { + return o.ApplyT(func(v *LocationSmbAuthenticationType) LocationSmbAuthenticationType { + if v != nil { + return *v + } + var ret LocationSmbAuthenticationType + return ret + }).(LocationSmbAuthenticationTypeOutput) +} + +func (o LocationSmbAuthenticationTypePtrOutput) ToStringPtrOutput() pulumi.StringPtrOutput { + return o.ToStringPtrOutputWithContext(context.Background()) +} + +func (o LocationSmbAuthenticationTypePtrOutput) ToStringPtrOutputWithContext(ctx context.Context) pulumi.StringPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, e *LocationSmbAuthenticationType) *string { + if e == nil { + return nil + } + v := string(*e) + return &v + }).(pulumi.StringPtrOutput) +} + +// LocationSmbAuthenticationTypeInput is an input type that accepts values of the LocationSmbAuthenticationType enum +// A concrete instance of `LocationSmbAuthenticationTypeInput` can be one of the following: +// +// LocationSmbAuthenticationTypeNtlm +// LocationSmbAuthenticationTypeKerberos +type LocationSmbAuthenticationTypeInput interface { + pulumi.Input + + ToLocationSmbAuthenticationTypeOutput() LocationSmbAuthenticationTypeOutput + ToLocationSmbAuthenticationTypeOutputWithContext(context.Context) LocationSmbAuthenticationTypeOutput +} + +var locationSmbAuthenticationTypePtrType = reflect.TypeOf((**LocationSmbAuthenticationType)(nil)).Elem() + +type LocationSmbAuthenticationTypePtrInput interface { + pulumi.Input + + ToLocationSmbAuthenticationTypePtrOutput() LocationSmbAuthenticationTypePtrOutput + ToLocationSmbAuthenticationTypePtrOutputWithContext(context.Context) LocationSmbAuthenticationTypePtrOutput +} + +type locationSmbAuthenticationTypePtr string + +func LocationSmbAuthenticationTypePtr(v string) LocationSmbAuthenticationTypePtrInput { + return (*locationSmbAuthenticationTypePtr)(&v) +} + +func (*locationSmbAuthenticationTypePtr) ElementType() reflect.Type { + return locationSmbAuthenticationTypePtrType +} + +func (in *locationSmbAuthenticationTypePtr) ToLocationSmbAuthenticationTypePtrOutput() LocationSmbAuthenticationTypePtrOutput { + return pulumi.ToOutput(in).(LocationSmbAuthenticationTypePtrOutput) +} + +func (in *locationSmbAuthenticationTypePtr) ToLocationSmbAuthenticationTypePtrOutputWithContext(ctx context.Context) LocationSmbAuthenticationTypePtrOutput { + return pulumi.ToOutputWithContext(ctx, in).(LocationSmbAuthenticationTypePtrOutput) +} + // The specific SMB version that you want DataSync to use to mount your SMB share. type LocationSmbMountOptionsVersion string @@ -7163,6 +7329,8 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*LocationObjectStorageServerProtocolPtrInput)(nil)).Elem(), LocationObjectStorageServerProtocol("HTTPS")) pulumi.RegisterInputType(reflect.TypeOf((*LocationS3S3StorageClassInput)(nil)).Elem(), LocationS3S3StorageClass("STANDARD")) pulumi.RegisterInputType(reflect.TypeOf((*LocationS3S3StorageClassPtrInput)(nil)).Elem(), LocationS3S3StorageClass("STANDARD")) + pulumi.RegisterInputType(reflect.TypeOf((*LocationSmbAuthenticationTypeInput)(nil)).Elem(), LocationSmbAuthenticationType("NTLM")) + pulumi.RegisterInputType(reflect.TypeOf((*LocationSmbAuthenticationTypePtrInput)(nil)).Elem(), LocationSmbAuthenticationType("NTLM")) pulumi.RegisterInputType(reflect.TypeOf((*LocationSmbMountOptionsVersionInput)(nil)).Elem(), LocationSmbMountOptionsVersion("AUTOMATIC")) pulumi.RegisterInputType(reflect.TypeOf((*LocationSmbMountOptionsVersionPtrInput)(nil)).Elem(), LocationSmbMountOptionsVersion("AUTOMATIC")) pulumi.RegisterInputType(reflect.TypeOf((*StorageSystemSystemTypeInput)(nil)).Elem(), StorageSystemSystemType("NetAppONTAP")) @@ -7247,6 +7415,8 @@ func init() { pulumi.RegisterOutputType(LocationObjectStorageServerProtocolPtrOutput{}) pulumi.RegisterOutputType(LocationS3S3StorageClassOutput{}) pulumi.RegisterOutputType(LocationS3S3StorageClassPtrOutput{}) + pulumi.RegisterOutputType(LocationSmbAuthenticationTypeOutput{}) + pulumi.RegisterOutputType(LocationSmbAuthenticationTypePtrOutput{}) pulumi.RegisterOutputType(LocationSmbMountOptionsVersionOutput{}) pulumi.RegisterOutputType(LocationSmbMountOptionsVersionPtrOutput{}) pulumi.RegisterOutputType(StorageSystemConnectivityStatusOutput{}) diff --git a/sdk/go/aws/ecs/cluster.go b/sdk/go/aws/ecs/cluster.go index a0c8990719..10e57a583a 100644 --- a/sdk/go/aws/ecs/cluster.go +++ b/sdk/go/aws/ecs/cluster.go @@ -25,7 +25,9 @@ type Cluster struct { CapacityProviders pulumi.StringArrayOutput `pulumi:"capacityProviders"` // A user-generated string that you use to identify your cluster. If you don't specify a name, CFNlong generates a unique physical ID for the name. ClusterName pulumi.StringPtrOutput `pulumi:"clusterName"` - // The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights for a cluster. + // The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights with enhanced observability or CloudWatch Container Insights for a cluster. + // Container Insights with enhanced observability provides all the Container Insights metrics, plus additional task and container metrics. This version supports enhanced observability for Amazon ECS clusters using the Amazon EC2 and Fargate launch types. After you configure Container Insights with enhanced observability on Amazon ECS, Container Insights auto-collects detailed infrastructure telemetry from the cluster level down to the container level in your environment and displays these critical performance data in curated dashboards removing the heavy lifting in observability set-up. + // For more information, see [Monitor Amazon ECS containers using Container Insights with enhanced observability](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cloudwatch-container-insights.html) in the *Amazon Elastic Container Service Developer Guide*. ClusterSettings ClusterSettingsArrayOutput `pulumi:"clusterSettings"` // The execute command and managed storage configuration for the cluster. Configuration ClusterConfigurationPtrOutput `pulumi:"configuration"` @@ -97,7 +99,9 @@ type clusterArgs struct { CapacityProviders []string `pulumi:"capacityProviders"` // A user-generated string that you use to identify your cluster. If you don't specify a name, CFNlong generates a unique physical ID for the name. ClusterName *string `pulumi:"clusterName"` - // The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights for a cluster. + // The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights with enhanced observability or CloudWatch Container Insights for a cluster. + // Container Insights with enhanced observability provides all the Container Insights metrics, plus additional task and container metrics. This version supports enhanced observability for Amazon ECS clusters using the Amazon EC2 and Fargate launch types. After you configure Container Insights with enhanced observability on Amazon ECS, Container Insights auto-collects detailed infrastructure telemetry from the cluster level down to the container level in your environment and displays these critical performance data in curated dashboards removing the heavy lifting in observability set-up. + // For more information, see [Monitor Amazon ECS containers using Container Insights with enhanced observability](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cloudwatch-container-insights.html) in the *Amazon Elastic Container Service Developer Guide*. ClusterSettings []ClusterSettings `pulumi:"clusterSettings"` // The execute command and managed storage configuration for the cluster. Configuration *ClusterConfiguration `pulumi:"configuration"` @@ -127,7 +131,9 @@ type ClusterArgs struct { CapacityProviders pulumi.StringArrayInput // A user-generated string that you use to identify your cluster. If you don't specify a name, CFNlong generates a unique physical ID for the name. ClusterName pulumi.StringPtrInput - // The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights for a cluster. + // The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights with enhanced observability or CloudWatch Container Insights for a cluster. + // Container Insights with enhanced observability provides all the Container Insights metrics, plus additional task and container metrics. This version supports enhanced observability for Amazon ECS clusters using the Amazon EC2 and Fargate launch types. After you configure Container Insights with enhanced observability on Amazon ECS, Container Insights auto-collects detailed infrastructure telemetry from the cluster level down to the container level in your environment and displays these critical performance data in curated dashboards removing the heavy lifting in observability set-up. + // For more information, see [Monitor Amazon ECS containers using Container Insights with enhanced observability](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cloudwatch-container-insights.html) in the *Amazon Elastic Container Service Developer Guide*. ClusterSettings ClusterSettingsArrayInput // The execute command and managed storage configuration for the cluster. Configuration ClusterConfigurationPtrInput @@ -204,7 +210,10 @@ func (o ClusterOutput) ClusterName() pulumi.StringPtrOutput { return o.ApplyT(func(v *Cluster) pulumi.StringPtrOutput { return v.ClusterName }).(pulumi.StringPtrOutput) } -// The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights for a cluster. +// The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights with enhanced observability or CloudWatch Container Insights for a cluster. +// +// Container Insights with enhanced observability provides all the Container Insights metrics, plus additional task and container metrics. This version supports enhanced observability for Amazon ECS clusters using the Amazon EC2 and Fargate launch types. After you configure Container Insights with enhanced observability on Amazon ECS, Container Insights auto-collects detailed infrastructure telemetry from the cluster level down to the container level in your environment and displays these critical performance data in curated dashboards removing the heavy lifting in observability set-up. +// For more information, see [Monitor Amazon ECS containers using Container Insights with enhanced observability](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cloudwatch-container-insights.html) in the *Amazon Elastic Container Service Developer Guide*. func (o ClusterOutput) ClusterSettings() ClusterSettingsArrayOutput { return o.ApplyT(func(v *Cluster) ClusterSettingsArrayOutput { return v.ClusterSettings }).(ClusterSettingsArrayOutput) } diff --git a/sdk/go/aws/ecs/getCluster.go b/sdk/go/aws/ecs/getCluster.go index c48798fc8d..6aa61248f3 100644 --- a/sdk/go/aws/ecs/getCluster.go +++ b/sdk/go/aws/ecs/getCluster.go @@ -36,7 +36,9 @@ type LookupClusterResult struct { // To use a FARGATElong capacity provider, specify either the ``FARGATE`` or ``FARGATE_SPOT`` capacity providers. The FARGATElong capacity providers are available to all accounts and only need to be associated with a cluster to be used. // The [PutCapacityProvider](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutCapacityProvider.html) API operation is used to update the list of available capacity providers for a cluster after the cluster is created. CapacityProviders []string `pulumi:"capacityProviders"` - // The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights for a cluster. + // The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights with enhanced observability or CloudWatch Container Insights for a cluster. + // Container Insights with enhanced observability provides all the Container Insights metrics, plus additional task and container metrics. This version supports enhanced observability for Amazon ECS clusters using the Amazon EC2 and Fargate launch types. After you configure Container Insights with enhanced observability on Amazon ECS, Container Insights auto-collects detailed infrastructure telemetry from the cluster level down to the container level in your environment and displays these critical performance data in curated dashboards removing the heavy lifting in observability set-up. + // For more information, see [Monitor Amazon ECS containers using Container Insights with enhanced observability](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cloudwatch-container-insights.html) in the *Amazon Elastic Container Service Developer Guide*. ClusterSettings []ClusterSettings `pulumi:"clusterSettings"` // The execute command and managed storage configuration for the cluster. Configuration *ClusterConfiguration `pulumi:"configuration"` @@ -100,7 +102,10 @@ func (o LookupClusterResultOutput) CapacityProviders() pulumi.StringArrayOutput return o.ApplyT(func(v LookupClusterResult) []string { return v.CapacityProviders }).(pulumi.StringArrayOutput) } -// The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights for a cluster. +// The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights with enhanced observability or CloudWatch Container Insights for a cluster. +// +// Container Insights with enhanced observability provides all the Container Insights metrics, plus additional task and container metrics. This version supports enhanced observability for Amazon ECS clusters using the Amazon EC2 and Fargate launch types. After you configure Container Insights with enhanced observability on Amazon ECS, Container Insights auto-collects detailed infrastructure telemetry from the cluster level down to the container level in your environment and displays these critical performance data in curated dashboards removing the heavy lifting in observability set-up. +// For more information, see [Monitor Amazon ECS containers using Container Insights with enhanced observability](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cloudwatch-container-insights.html) in the *Amazon Elastic Container Service Developer Guide*. func (o LookupClusterResultOutput) ClusterSettings() ClusterSettingsArrayOutput { return o.ApplyT(func(v LookupClusterResult) []ClusterSettings { return v.ClusterSettings }).(ClusterSettingsArrayOutput) } diff --git a/sdk/go/aws/ecs/pulumiTypes.go b/sdk/go/aws/ecs/pulumiTypes.go index 9d38a7648b..875bacf27e 100644 --- a/sdk/go/aws/ecs/pulumiTypes.go +++ b/sdk/go/aws/ecs/pulumiTypes.go @@ -1609,12 +1609,17 @@ func (o ClusterServiceConnectDefaultsPtrOutput) Namespace() pulumi.StringPtrOutp }).(pulumi.StringPtrOutput) } -// The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights for a cluster. +// The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights with enhanced observability or CloudWatch Container Insights for a cluster. +// +// Container Insights with enhanced observability provides all the Container Insights metrics, plus additional task and container metrics. This version supports enhanced observability for Amazon ECS clusters using the Amazon EC2 and Fargate launch types. After you configure Container Insights with enhanced observability on Amazon ECS, Container Insights auto-collects detailed infrastructure telemetry from the cluster level down to the container level in your environment and displays these critical performance data in curated dashboards removing the heavy lifting in observability set-up. +// For more information, see [Monitor Amazon ECS containers using Container Insights with enhanced observability](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cloudwatch-container-insights.html) in the *Amazon Elastic Container Service Developer Guide*. type ClusterSettings struct { // The name of the cluster setting. The value is ``containerInsights`` . Name *string `pulumi:"name"` - // The value to set for the cluster setting. The supported values are ``enabled`` and ``disabled``. - // If you set ``name`` to ``containerInsights`` and ``value`` to ``enabled``, CloudWatch Container Insights will be on for the cluster, otherwise it will be off unless the ``containerInsights`` account setting is turned on. If a cluster value is specified, it will override the ``containerInsights`` value set with [PutAccountSetting](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSetting.html) or [PutAccountSettingDefault](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSettingDefault.html). + // The value to set for the cluster setting. The supported values are ``enhanced``, ``enabled``, and ``disabled``. + // To use Container Insights with enhanced observability, set the ``containerInsights`` account setting to ``enhanced``. + // To use Container Insights, set the ``containerInsights`` account setting to ``enabled``. + // If a cluster value is specified, it will override the ``containerInsights`` value set with [PutAccountSetting](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSetting.html) or [PutAccountSettingDefault](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSettingDefault.html). Value *string `pulumi:"value"` } @@ -1629,12 +1634,17 @@ type ClusterSettingsInput interface { ToClusterSettingsOutputWithContext(context.Context) ClusterSettingsOutput } -// The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights for a cluster. +// The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights with enhanced observability or CloudWatch Container Insights for a cluster. +// +// Container Insights with enhanced observability provides all the Container Insights metrics, plus additional task and container metrics. This version supports enhanced observability for Amazon ECS clusters using the Amazon EC2 and Fargate launch types. After you configure Container Insights with enhanced observability on Amazon ECS, Container Insights auto-collects detailed infrastructure telemetry from the cluster level down to the container level in your environment and displays these critical performance data in curated dashboards removing the heavy lifting in observability set-up. +// For more information, see [Monitor Amazon ECS containers using Container Insights with enhanced observability](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cloudwatch-container-insights.html) in the *Amazon Elastic Container Service Developer Guide*. type ClusterSettingsArgs struct { // The name of the cluster setting. The value is ``containerInsights`` . Name pulumi.StringPtrInput `pulumi:"name"` - // The value to set for the cluster setting. The supported values are ``enabled`` and ``disabled``. - // If you set ``name`` to ``containerInsights`` and ``value`` to ``enabled``, CloudWatch Container Insights will be on for the cluster, otherwise it will be off unless the ``containerInsights`` account setting is turned on. If a cluster value is specified, it will override the ``containerInsights`` value set with [PutAccountSetting](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSetting.html) or [PutAccountSettingDefault](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSettingDefault.html). + // The value to set for the cluster setting. The supported values are ``enhanced``, ``enabled``, and ``disabled``. + // To use Container Insights with enhanced observability, set the ``containerInsights`` account setting to ``enhanced``. + // To use Container Insights, set the ``containerInsights`` account setting to ``enabled``. + // If a cluster value is specified, it will override the ``containerInsights`` value set with [PutAccountSetting](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSetting.html) or [PutAccountSettingDefault](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSettingDefault.html). Value pulumi.StringPtrInput `pulumi:"value"` } @@ -1675,7 +1685,10 @@ func (i ClusterSettingsArray) ToClusterSettingsArrayOutputWithContext(ctx contex return pulumi.ToOutputWithContext(ctx, i).(ClusterSettingsArrayOutput) } -// The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights for a cluster. +// The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights with enhanced observability or CloudWatch Container Insights for a cluster. +// +// Container Insights with enhanced observability provides all the Container Insights metrics, plus additional task and container metrics. This version supports enhanced observability for Amazon ECS clusters using the Amazon EC2 and Fargate launch types. After you configure Container Insights with enhanced observability on Amazon ECS, Container Insights auto-collects detailed infrastructure telemetry from the cluster level down to the container level in your environment and displays these critical performance data in curated dashboards removing the heavy lifting in observability set-up. +// For more information, see [Monitor Amazon ECS containers using Container Insights with enhanced observability](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cloudwatch-container-insights.html) in the *Amazon Elastic Container Service Developer Guide*. type ClusterSettingsOutput struct{ *pulumi.OutputState } func (ClusterSettingsOutput) ElementType() reflect.Type { @@ -1695,9 +1708,11 @@ func (o ClusterSettingsOutput) Name() pulumi.StringPtrOutput { return o.ApplyT(func(v ClusterSettings) *string { return v.Name }).(pulumi.StringPtrOutput) } -// The value to set for the cluster setting. The supported values are “enabled“ and “disabled“. +// The value to set for the cluster setting. The supported values are “enhanced“, “enabled“, and “disabled“. // -// If you set ``name`` to ``containerInsights`` and ``value`` to ``enabled``, CloudWatch Container Insights will be on for the cluster, otherwise it will be off unless the ``containerInsights`` account setting is turned on. If a cluster value is specified, it will override the ``containerInsights`` value set with [PutAccountSetting](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSetting.html) or [PutAccountSettingDefault](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSettingDefault.html). +// To use Container Insights with enhanced observability, set the ``containerInsights`` account setting to ``enhanced``. +// To use Container Insights, set the ``containerInsights`` account setting to ``enabled``. +// If a cluster value is specified, it will override the ``containerInsights`` value set with [PutAccountSetting](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSetting.html) or [PutAccountSettingDefault](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSettingDefault.html). func (o ClusterSettingsOutput) Value() pulumi.StringPtrOutput { return o.ApplyT(func(v ClusterSettings) *string { return v.Value }).(pulumi.StringPtrOutput) } diff --git a/sdk/go/aws/efs/getMountTarget.go b/sdk/go/aws/efs/getMountTarget.go index d3aa265a35..f52dc5c8f1 100644 --- a/sdk/go/aws/efs/getMountTarget.go +++ b/sdk/go/aws/efs/getMountTarget.go @@ -34,7 +34,7 @@ type LookupMountTargetResult struct { // // Example: `fs-0123456789111222a` Id *string `pulumi:"id"` - // Up to five VPC security group IDs, of the form ``sg-xxxxxxxx``. These must be for the same VPC as subnet specified. + // VPC security group IDs, of the form ``sg-xxxxxxxx``. These must be for the same VPC as the subnet specified. The maximum number of security groups depends on account quota. For more information, see [Amazon VPC Quotas](https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html) in the *Amazon VPC User Guide* (see the *Security Groups* table). SecurityGroups []string `pulumi:"securityGroups"` } @@ -79,7 +79,7 @@ func (o LookupMountTargetResultOutput) Id() pulumi.StringPtrOutput { return o.ApplyT(func(v LookupMountTargetResult) *string { return v.Id }).(pulumi.StringPtrOutput) } -// Up to five VPC security group IDs, of the form “sg-xxxxxxxx“. These must be for the same VPC as subnet specified. +// VPC security group IDs, of the form “sg-xxxxxxxx“. These must be for the same VPC as the subnet specified. The maximum number of security groups depends on account quota. For more information, see [Amazon VPC Quotas](https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html) in the *Amazon VPC User Guide* (see the *Security Groups* table). func (o LookupMountTargetResultOutput) SecurityGroups() pulumi.StringArrayOutput { return o.ApplyT(func(v LookupMountTargetResult) []string { return v.SecurityGroups }).(pulumi.StringArrayOutput) } diff --git a/sdk/go/aws/efs/mountTarget.go b/sdk/go/aws/efs/mountTarget.go index 8f82121a62..1a602b22bb 100644 --- a/sdk/go/aws/efs/mountTarget.go +++ b/sdk/go/aws/efs/mountTarget.go @@ -24,7 +24,7 @@ type MountTarget struct { FileSystemId pulumi.StringOutput `pulumi:"fileSystemId"` // Valid IPv4 address within the address range of the specified subnet. IpAddress pulumi.StringPtrOutput `pulumi:"ipAddress"` - // Up to five VPC security group IDs, of the form ``sg-xxxxxxxx``. These must be for the same VPC as subnet specified. + // VPC security group IDs, of the form ``sg-xxxxxxxx``. These must be for the same VPC as the subnet specified. The maximum number of security groups depends on account quota. For more information, see [Amazon VPC Quotas](https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html) in the *Amazon VPC User Guide* (see the *Security Groups* table). SecurityGroups pulumi.StringArrayOutput `pulumi:"securityGroups"` // The ID of the subnet to add the mount target in. For One Zone file systems, use the subnet that is associated with the file system's Availability Zone. SubnetId pulumi.StringOutput `pulumi:"subnetId"` @@ -89,7 +89,7 @@ type mountTargetArgs struct { FileSystemId string `pulumi:"fileSystemId"` // Valid IPv4 address within the address range of the specified subnet. IpAddress *string `pulumi:"ipAddress"` - // Up to five VPC security group IDs, of the form ``sg-xxxxxxxx``. These must be for the same VPC as subnet specified. + // VPC security group IDs, of the form ``sg-xxxxxxxx``. These must be for the same VPC as the subnet specified. The maximum number of security groups depends on account quota. For more information, see [Amazon VPC Quotas](https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html) in the *Amazon VPC User Guide* (see the *Security Groups* table). SecurityGroups []string `pulumi:"securityGroups"` // The ID of the subnet to add the mount target in. For One Zone file systems, use the subnet that is associated with the file system's Availability Zone. SubnetId string `pulumi:"subnetId"` @@ -101,7 +101,7 @@ type MountTargetArgs struct { FileSystemId pulumi.StringInput // Valid IPv4 address within the address range of the specified subnet. IpAddress pulumi.StringPtrInput - // Up to five VPC security group IDs, of the form ``sg-xxxxxxxx``. These must be for the same VPC as subnet specified. + // VPC security group IDs, of the form ``sg-xxxxxxxx``. These must be for the same VPC as the subnet specified. The maximum number of security groups depends on account quota. For more information, see [Amazon VPC Quotas](https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html) in the *Amazon VPC User Guide* (see the *Security Groups* table). SecurityGroups pulumi.StringArrayInput // The ID of the subnet to add the mount target in. For One Zone file systems, use the subnet that is associated with the file system's Availability Zone. SubnetId pulumi.StringInput @@ -161,7 +161,7 @@ func (o MountTargetOutput) IpAddress() pulumi.StringPtrOutput { return o.ApplyT(func(v *MountTarget) pulumi.StringPtrOutput { return v.IpAddress }).(pulumi.StringPtrOutput) } -// Up to five VPC security group IDs, of the form “sg-xxxxxxxx“. These must be for the same VPC as subnet specified. +// VPC security group IDs, of the form “sg-xxxxxxxx“. These must be for the same VPC as the subnet specified. The maximum number of security groups depends on account quota. For more information, see [Amazon VPC Quotas](https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html) in the *Amazon VPC User Guide* (see the *Security Groups* table). func (o MountTargetOutput) SecurityGroups() pulumi.StringArrayOutput { return o.ApplyT(func(v *MountTarget) pulumi.StringArrayOutput { return v.SecurityGroups }).(pulumi.StringArrayOutput) } diff --git a/sdk/go/aws/emrcontainers/getVirtualCluster.go b/sdk/go/aws/emrcontainers/getVirtualCluster.go index 2f634310eb..25e1bf0dd5 100644 --- a/sdk/go/aws/emrcontainers/getVirtualCluster.go +++ b/sdk/go/aws/emrcontainers/getVirtualCluster.go @@ -33,6 +33,8 @@ type LookupVirtualClusterResult struct { Arn *string `pulumi:"arn"` // Id of the virtual cluster. Id *string `pulumi:"id"` + // The ID of the security configuration. + SecurityConfigurationId *string `pulumi:"securityConfigurationId"` // An array of key-value pairs to apply to this virtual cluster. Tags []aws.Tag `pulumi:"tags"` } @@ -79,6 +81,11 @@ func (o LookupVirtualClusterResultOutput) Id() pulumi.StringPtrOutput { return o.ApplyT(func(v LookupVirtualClusterResult) *string { return v.Id }).(pulumi.StringPtrOutput) } +// The ID of the security configuration. +func (o LookupVirtualClusterResultOutput) SecurityConfigurationId() pulumi.StringPtrOutput { + return o.ApplyT(func(v LookupVirtualClusterResult) *string { return v.SecurityConfigurationId }).(pulumi.StringPtrOutput) +} + // An array of key-value pairs to apply to this virtual cluster. func (o LookupVirtualClusterResultOutput) Tags() aws.TagArrayOutput { return o.ApplyT(func(v LookupVirtualClusterResult) []aws.Tag { return v.Tags }).(aws.TagArrayOutput) diff --git a/sdk/go/aws/emrcontainers/virtualCluster.go b/sdk/go/aws/emrcontainers/virtualCluster.go index 1cbc3e116f..d43a38e84e 100644 --- a/sdk/go/aws/emrcontainers/virtualCluster.go +++ b/sdk/go/aws/emrcontainers/virtualCluster.go @@ -111,6 +111,8 @@ type VirtualCluster struct { ContainerProvider VirtualClusterContainerProviderOutput `pulumi:"containerProvider"` // Name of the virtual cluster. Name pulumi.StringOutput `pulumi:"name"` + // The ID of the security configuration. + SecurityConfigurationId pulumi.StringPtrOutput `pulumi:"securityConfigurationId"` // An array of key-value pairs to apply to this virtual cluster. Tags aws.TagArrayOutput `pulumi:"tags"` } @@ -167,6 +169,8 @@ type virtualClusterArgs struct { ContainerProvider VirtualClusterContainerProvider `pulumi:"containerProvider"` // Name of the virtual cluster. Name *string `pulumi:"name"` + // The ID of the security configuration. + SecurityConfigurationId *string `pulumi:"securityConfigurationId"` // An array of key-value pairs to apply to this virtual cluster. Tags []aws.Tag `pulumi:"tags"` } @@ -177,6 +181,8 @@ type VirtualClusterArgs struct { ContainerProvider VirtualClusterContainerProviderInput // Name of the virtual cluster. Name pulumi.StringPtrInput + // The ID of the security configuration. + SecurityConfigurationId pulumi.StringPtrInput // An array of key-value pairs to apply to this virtual cluster. Tags aws.TagArrayInput } @@ -238,6 +244,11 @@ func (o VirtualClusterOutput) Name() pulumi.StringOutput { return o.ApplyT(func(v *VirtualCluster) pulumi.StringOutput { return v.Name }).(pulumi.StringOutput) } +// The ID of the security configuration. +func (o VirtualClusterOutput) SecurityConfigurationId() pulumi.StringPtrOutput { + return o.ApplyT(func(v *VirtualCluster) pulumi.StringPtrOutput { return v.SecurityConfigurationId }).(pulumi.StringPtrOutput) +} + // An array of key-value pairs to apply to this virtual cluster. func (o VirtualClusterOutput) Tags() aws.TagArrayOutput { return o.ApplyT(func(v *VirtualCluster) aws.TagArrayOutput { return v.Tags }).(aws.TagArrayOutput) diff --git a/sdk/go/aws/fms/getPolicy.go b/sdk/go/aws/fms/getPolicy.go index 112aab6e45..e026e27ab1 100644 --- a/sdk/go/aws/fms/getPolicy.go +++ b/sdk/go/aws/fms/getPolicy.go @@ -93,7 +93,7 @@ type LookupPolicyResult struct { // // This contains the following settings: // - // - Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting AWS Support . + // - Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting . // // Valid values: `DNS_FIREWALL` | `NETWORK_FIREWALL` | `SECURITY_GROUPS_COMMON` | `SECURITY_GROUPS_CONTENT_AUDIT` | `SECURITY_GROUPS_USAGE_AUDIT` | `SHIELD_ADVANCED` | `THIRD_PARTY_FIREWALL` | `WAFV2` | `WAF` // - ManagedServiceData - Details about the service that are specific to the service type, in JSON format. @@ -319,7 +319,7 @@ func (o LookupPolicyResultOutput) ResourcesCleanUp() pulumi.BoolPtrOutput { // // This contains the following settings: // -// - Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting AWS Support . +// - Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting . // // Valid values: `DNS_FIREWALL` | `NETWORK_FIREWALL` | `SECURITY_GROUPS_COMMON` | `SECURITY_GROUPS_CONTENT_AUDIT` | `SECURITY_GROUPS_USAGE_AUDIT` | `SHIELD_ADVANCED` | `THIRD_PARTY_FIREWALL` | `WAFV2` | `WAF` // - ManagedServiceData - Details about the service that are specific to the service type, in JSON format. diff --git a/sdk/go/aws/fms/policy.go b/sdk/go/aws/fms/policy.go index 84929f3499..99ff53d657 100644 --- a/sdk/go/aws/fms/policy.go +++ b/sdk/go/aws/fms/policy.go @@ -96,7 +96,7 @@ type Policy struct { // // This contains the following settings: // - // - Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting AWS Support . + // - Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting . // // Valid values: `DNS_FIREWALL` | `NETWORK_FIREWALL` | `SECURITY_GROUPS_COMMON` | `SECURITY_GROUPS_CONTENT_AUDIT` | `SECURITY_GROUPS_USAGE_AUDIT` | `SHIELD_ADVANCED` | `THIRD_PARTY_FIREWALL` | `WAFV2` | `WAF` // - ManagedServiceData - Details about the service that are specific to the service type, in JSON format. @@ -308,7 +308,7 @@ type policyArgs struct { // // This contains the following settings: // - // - Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting AWS Support . + // - Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting . // // Valid values: `DNS_FIREWALL` | `NETWORK_FIREWALL` | `SECURITY_GROUPS_COMMON` | `SECURITY_GROUPS_CONTENT_AUDIT` | `SECURITY_GROUPS_USAGE_AUDIT` | `SHIELD_ADVANCED` | `THIRD_PARTY_FIREWALL` | `WAFV2` | `WAF` // - ManagedServiceData - Details about the service that are specific to the service type, in JSON format. @@ -473,7 +473,7 @@ type PolicyArgs struct { // // This contains the following settings: // - // - Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting AWS Support . + // - Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting . // // Valid values: `DNS_FIREWALL` | `NETWORK_FIREWALL` | `SECURITY_GROUPS_COMMON` | `SECURITY_GROUPS_CONTENT_AUDIT` | `SECURITY_GROUPS_USAGE_AUDIT` | `SHIELD_ADVANCED` | `THIRD_PARTY_FIREWALL` | `WAFV2` | `WAF` // - ManagedServiceData - Details about the service that are specific to the service type, in JSON format. @@ -722,7 +722,7 @@ func (o PolicyOutput) ResourcesCleanUp() pulumi.BoolPtrOutput { // // This contains the following settings: // -// - Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting AWS Support . +// - Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting . // // Valid values: `DNS_FIREWALL` | `NETWORK_FIREWALL` | `SECURITY_GROUPS_COMMON` | `SECURITY_GROUPS_CONTENT_AUDIT` | `SECURITY_GROUPS_USAGE_AUDIT` | `SHIELD_ADVANCED` | `THIRD_PARTY_FIREWALL` | `WAFV2` | `WAF` // - ManagedServiceData - Details about the service that are specific to the service type, in JSON format. diff --git a/sdk/go/aws/fms/pulumiTypes.go b/sdk/go/aws/fms/pulumiTypes.go index 42082a6609..ed3ad16b58 100644 --- a/sdk/go/aws/fms/pulumiTypes.go +++ b/sdk/go/aws/fms/pulumiTypes.go @@ -1541,7 +1541,7 @@ type PolicySecurityServicePolicyData struct { ManagedServiceData *string `pulumi:"managedServiceData"` // Contains the settings to configure a network ACL policy, a AWS Network Firewall firewall policy deployment model, or a third-party firewall policy. PolicyOption *PolicyOption `pulumi:"policyOption"` - // The service that the policy is using to protect the resources. This specifies the type of policy that is created, either an AWS WAF policy, a Shield Advanced policy, or a security group policy. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting AWS Support . + // The service that the policy is using to protect the resources. This specifies the type of policy that is created, either an AWS WAF policy, a Shield Advanced policy, or a security group policy. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting SUPlong . Type PolicyType `pulumi:"type"` } @@ -1641,7 +1641,7 @@ type PolicySecurityServicePolicyDataArgs struct { ManagedServiceData pulumi.StringPtrInput `pulumi:"managedServiceData"` // Contains the settings to configure a network ACL policy, a AWS Network Firewall firewall policy deployment model, or a third-party firewall policy. PolicyOption PolicyOptionPtrInput `pulumi:"policyOption"` - // The service that the policy is using to protect the resources. This specifies the type of policy that is created, either an AWS WAF policy, a Shield Advanced policy, or a security group policy. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting AWS Support . + // The service that the policy is using to protect the resources. This specifies the type of policy that is created, either an AWS WAF policy, a Shield Advanced policy, or a security group policy. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting SUPlong . Type PolicyTypeInput `pulumi:"type"` } @@ -1761,7 +1761,7 @@ func (o PolicySecurityServicePolicyDataOutput) PolicyOption() PolicyOptionPtrOut return o.ApplyT(func(v PolicySecurityServicePolicyData) *PolicyOption { return v.PolicyOption }).(PolicyOptionPtrOutput) } -// The service that the policy is using to protect the resources. This specifies the type of policy that is created, either an AWS WAF policy, a Shield Advanced policy, or a security group policy. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting AWS Support . +// The service that the policy is using to protect the resources. This specifies the type of policy that is created, either an AWS WAF policy, a Shield Advanced policy, or a security group policy. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting SUPlong . func (o PolicySecurityServicePolicyDataOutput) Type() PolicyTypeOutput { return o.ApplyT(func(v PolicySecurityServicePolicyData) PolicyType { return v.Type }).(PolicyTypeOutput) } @@ -1889,7 +1889,7 @@ func (o PolicySecurityServicePolicyDataPtrOutput) PolicyOption() PolicyOptionPtr }).(PolicyOptionPtrOutput) } -// The service that the policy is using to protect the resources. This specifies the type of policy that is created, either an AWS WAF policy, a Shield Advanced policy, or a security group policy. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting AWS Support . +// The service that the policy is using to protect the resources. This specifies the type of policy that is created, either an AWS WAF policy, a Shield Advanced policy, or a security group policy. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting SUPlong . func (o PolicySecurityServicePolicyDataPtrOutput) Type() PolicyTypePtrOutput { return o.ApplyT(func(v *PolicySecurityServicePolicyData) *PolicyType { if v == nil { diff --git a/sdk/go/aws/glue/pulumiTypes.go b/sdk/go/aws/glue/pulumiTypes.go index dbddb1c5ac..5b44b42c3c 100644 --- a/sdk/go/aws/glue/pulumiTypes.go +++ b/sdk/go/aws/glue/pulumiTypes.go @@ -376,6 +376,133 @@ func (o CrawlerDynamoDbTargetArrayOutput) Index(i pulumi.IntInput) CrawlerDynamo }).(CrawlerDynamoDbTargetOutput) } +// Specifies Apache Hudi data store targets. +type CrawlerHudiTarget struct { + // The name of the connection to use to connect to the Hudi target. + ConnectionName *string `pulumi:"connectionName"` + // A list of global patterns used to exclude from the crawl. + Exclusions []string `pulumi:"exclusions"` + // The maximum depth of Amazon S3 paths that the crawler can traverse to discover the Hudi metadata folder in your Amazon S3 path. Used to limit the crawler run time. + MaximumTraversalDepth *int `pulumi:"maximumTraversalDepth"` + // One or more Amazon S3 paths that contains Hudi metadata folders as s3://bucket/prefix . + Paths []string `pulumi:"paths"` +} + +// CrawlerHudiTargetInput is an input type that accepts CrawlerHudiTargetArgs and CrawlerHudiTargetOutput values. +// You can construct a concrete instance of `CrawlerHudiTargetInput` via: +// +// CrawlerHudiTargetArgs{...} +type CrawlerHudiTargetInput interface { + pulumi.Input + + ToCrawlerHudiTargetOutput() CrawlerHudiTargetOutput + ToCrawlerHudiTargetOutputWithContext(context.Context) CrawlerHudiTargetOutput +} + +// Specifies Apache Hudi data store targets. +type CrawlerHudiTargetArgs struct { + // The name of the connection to use to connect to the Hudi target. + ConnectionName pulumi.StringPtrInput `pulumi:"connectionName"` + // A list of global patterns used to exclude from the crawl. + Exclusions pulumi.StringArrayInput `pulumi:"exclusions"` + // The maximum depth of Amazon S3 paths that the crawler can traverse to discover the Hudi metadata folder in your Amazon S3 path. Used to limit the crawler run time. + MaximumTraversalDepth pulumi.IntPtrInput `pulumi:"maximumTraversalDepth"` + // One or more Amazon S3 paths that contains Hudi metadata folders as s3://bucket/prefix . + Paths pulumi.StringArrayInput `pulumi:"paths"` +} + +func (CrawlerHudiTargetArgs) ElementType() reflect.Type { + return reflect.TypeOf((*CrawlerHudiTarget)(nil)).Elem() +} + +func (i CrawlerHudiTargetArgs) ToCrawlerHudiTargetOutput() CrawlerHudiTargetOutput { + return i.ToCrawlerHudiTargetOutputWithContext(context.Background()) +} + +func (i CrawlerHudiTargetArgs) ToCrawlerHudiTargetOutputWithContext(ctx context.Context) CrawlerHudiTargetOutput { + return pulumi.ToOutputWithContext(ctx, i).(CrawlerHudiTargetOutput) +} + +// CrawlerHudiTargetArrayInput is an input type that accepts CrawlerHudiTargetArray and CrawlerHudiTargetArrayOutput values. +// You can construct a concrete instance of `CrawlerHudiTargetArrayInput` via: +// +// CrawlerHudiTargetArray{ CrawlerHudiTargetArgs{...} } +type CrawlerHudiTargetArrayInput interface { + pulumi.Input + + ToCrawlerHudiTargetArrayOutput() CrawlerHudiTargetArrayOutput + ToCrawlerHudiTargetArrayOutputWithContext(context.Context) CrawlerHudiTargetArrayOutput +} + +type CrawlerHudiTargetArray []CrawlerHudiTargetInput + +func (CrawlerHudiTargetArray) ElementType() reflect.Type { + return reflect.TypeOf((*[]CrawlerHudiTarget)(nil)).Elem() +} + +func (i CrawlerHudiTargetArray) ToCrawlerHudiTargetArrayOutput() CrawlerHudiTargetArrayOutput { + return i.ToCrawlerHudiTargetArrayOutputWithContext(context.Background()) +} + +func (i CrawlerHudiTargetArray) ToCrawlerHudiTargetArrayOutputWithContext(ctx context.Context) CrawlerHudiTargetArrayOutput { + return pulumi.ToOutputWithContext(ctx, i).(CrawlerHudiTargetArrayOutput) +} + +// Specifies Apache Hudi data store targets. +type CrawlerHudiTargetOutput struct{ *pulumi.OutputState } + +func (CrawlerHudiTargetOutput) ElementType() reflect.Type { + return reflect.TypeOf((*CrawlerHudiTarget)(nil)).Elem() +} + +func (o CrawlerHudiTargetOutput) ToCrawlerHudiTargetOutput() CrawlerHudiTargetOutput { + return o +} + +func (o CrawlerHudiTargetOutput) ToCrawlerHudiTargetOutputWithContext(ctx context.Context) CrawlerHudiTargetOutput { + return o +} + +// The name of the connection to use to connect to the Hudi target. +func (o CrawlerHudiTargetOutput) ConnectionName() pulumi.StringPtrOutput { + return o.ApplyT(func(v CrawlerHudiTarget) *string { return v.ConnectionName }).(pulumi.StringPtrOutput) +} + +// A list of global patterns used to exclude from the crawl. +func (o CrawlerHudiTargetOutput) Exclusions() pulumi.StringArrayOutput { + return o.ApplyT(func(v CrawlerHudiTarget) []string { return v.Exclusions }).(pulumi.StringArrayOutput) +} + +// The maximum depth of Amazon S3 paths that the crawler can traverse to discover the Hudi metadata folder in your Amazon S3 path. Used to limit the crawler run time. +func (o CrawlerHudiTargetOutput) MaximumTraversalDepth() pulumi.IntPtrOutput { + return o.ApplyT(func(v CrawlerHudiTarget) *int { return v.MaximumTraversalDepth }).(pulumi.IntPtrOutput) +} + +// One or more Amazon S3 paths that contains Hudi metadata folders as s3://bucket/prefix . +func (o CrawlerHudiTargetOutput) Paths() pulumi.StringArrayOutput { + return o.ApplyT(func(v CrawlerHudiTarget) []string { return v.Paths }).(pulumi.StringArrayOutput) +} + +type CrawlerHudiTargetArrayOutput struct{ *pulumi.OutputState } + +func (CrawlerHudiTargetArrayOutput) ElementType() reflect.Type { + return reflect.TypeOf((*[]CrawlerHudiTarget)(nil)).Elem() +} + +func (o CrawlerHudiTargetArrayOutput) ToCrawlerHudiTargetArrayOutput() CrawlerHudiTargetArrayOutput { + return o +} + +func (o CrawlerHudiTargetArrayOutput) ToCrawlerHudiTargetArrayOutputWithContext(ctx context.Context) CrawlerHudiTargetArrayOutput { + return o +} + +func (o CrawlerHudiTargetArrayOutput) Index(i pulumi.IntInput) CrawlerHudiTargetOutput { + return pulumi.All(o, i).ApplyT(func(vs []interface{}) CrawlerHudiTarget { + return vs[0].([]CrawlerHudiTarget)[vs[1].(int)] + }).(CrawlerHudiTargetOutput) +} + // Specifies Apache Iceberg data store targets. type CrawlerIcebergTarget struct { // The name of the connection to use to connect to the Iceberg target. @@ -1496,6 +1623,8 @@ type CrawlerTargets struct { DeltaTargets []CrawlerDeltaTarget `pulumi:"deltaTargets"` // Specifies Amazon DynamoDB targets. DynamoDbTargets []CrawlerDynamoDbTarget `pulumi:"dynamoDbTargets"` + // Specifies Apache Hudi data store targets. + HudiTargets []CrawlerHudiTarget `pulumi:"hudiTargets"` // Specifies Apache Iceberg data store targets. IcebergTargets []CrawlerIcebergTarget `pulumi:"icebergTargets"` // Specifies JDBC targets. @@ -1525,6 +1654,8 @@ type CrawlerTargetsArgs struct { DeltaTargets CrawlerDeltaTargetArrayInput `pulumi:"deltaTargets"` // Specifies Amazon DynamoDB targets. DynamoDbTargets CrawlerDynamoDbTargetArrayInput `pulumi:"dynamoDbTargets"` + // Specifies Apache Hudi data store targets. + HudiTargets CrawlerHudiTargetArrayInput `pulumi:"hudiTargets"` // Specifies Apache Iceberg data store targets. IcebergTargets CrawlerIcebergTargetArrayInput `pulumi:"icebergTargets"` // Specifies JDBC targets. @@ -1577,6 +1708,11 @@ func (o CrawlerTargetsOutput) DynamoDbTargets() CrawlerDynamoDbTargetArrayOutput return o.ApplyT(func(v CrawlerTargets) []CrawlerDynamoDbTarget { return v.DynamoDbTargets }).(CrawlerDynamoDbTargetArrayOutput) } +// Specifies Apache Hudi data store targets. +func (o CrawlerTargetsOutput) HudiTargets() CrawlerHudiTargetArrayOutput { + return o.ApplyT(func(v CrawlerTargets) []CrawlerHudiTarget { return v.HudiTargets }).(CrawlerHudiTargetArrayOutput) +} + // Specifies Apache Iceberg data store targets. func (o CrawlerTargetsOutput) IcebergTargets() CrawlerIcebergTargetArrayOutput { return o.ApplyT(func(v CrawlerTargets) []CrawlerIcebergTarget { return v.IcebergTargets }).(CrawlerIcebergTargetArrayOutput) @@ -1651,6 +1787,16 @@ func (o CrawlerTargetsPtrOutput) DynamoDbTargets() CrawlerDynamoDbTargetArrayOut }).(CrawlerDynamoDbTargetArrayOutput) } +// Specifies Apache Hudi data store targets. +func (o CrawlerTargetsPtrOutput) HudiTargets() CrawlerHudiTargetArrayOutput { + return o.ApplyT(func(v *CrawlerTargets) []CrawlerHudiTarget { + if v == nil { + return nil + } + return v.HudiTargets + }).(CrawlerHudiTargetArrayOutput) +} + // Specifies Apache Iceberg data store targets. func (o CrawlerTargetsPtrOutput) IcebergTargets() CrawlerIcebergTargetArrayOutput { return o.ApplyT(func(v *CrawlerTargets) []CrawlerIcebergTarget { @@ -4456,6 +4602,8 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*CrawlerDeltaTargetArrayInput)(nil)).Elem(), CrawlerDeltaTargetArray{}) pulumi.RegisterInputType(reflect.TypeOf((*CrawlerDynamoDbTargetInput)(nil)).Elem(), CrawlerDynamoDbTargetArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*CrawlerDynamoDbTargetArrayInput)(nil)).Elem(), CrawlerDynamoDbTargetArray{}) + pulumi.RegisterInputType(reflect.TypeOf((*CrawlerHudiTargetInput)(nil)).Elem(), CrawlerHudiTargetArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*CrawlerHudiTargetArrayInput)(nil)).Elem(), CrawlerHudiTargetArray{}) pulumi.RegisterInputType(reflect.TypeOf((*CrawlerIcebergTargetInput)(nil)).Elem(), CrawlerIcebergTargetArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*CrawlerIcebergTargetArrayInput)(nil)).Elem(), CrawlerIcebergTargetArray{}) pulumi.RegisterInputType(reflect.TypeOf((*CrawlerJdbcTargetInput)(nil)).Elem(), CrawlerJdbcTargetArgs{}) @@ -4514,6 +4662,8 @@ func init() { pulumi.RegisterOutputType(CrawlerDeltaTargetArrayOutput{}) pulumi.RegisterOutputType(CrawlerDynamoDbTargetOutput{}) pulumi.RegisterOutputType(CrawlerDynamoDbTargetArrayOutput{}) + pulumi.RegisterOutputType(CrawlerHudiTargetOutput{}) + pulumi.RegisterOutputType(CrawlerHudiTargetArrayOutput{}) pulumi.RegisterOutputType(CrawlerIcebergTargetOutput{}) pulumi.RegisterOutputType(CrawlerIcebergTargetArrayOutput{}) pulumi.RegisterOutputType(CrawlerJdbcTargetOutput{}) diff --git a/sdk/go/aws/groundstation/dataflowEndpointGroup.go b/sdk/go/aws/groundstation/dataflowEndpointGroup.go index 8e23f165af..eb7ef9fb39 100644 --- a/sdk/go/aws/groundstation/dataflowEndpointGroup.go +++ b/sdk/go/aws/groundstation/dataflowEndpointGroup.go @@ -88,6 +88,12 @@ func NewDataflowEndpointGroup(ctx *pulumi.Context, if args.EndpointDetails == nil { return nil, errors.New("invalid value for required argument 'EndpointDetails'") } + replaceOnChanges := pulumi.ReplaceOnChanges([]string{ + "contactPostPassDurationSeconds", + "contactPrePassDurationSeconds", + "endpointDetails[*]", + }) + opts = append(opts, replaceOnChanges) opts = internal.PkgResourceDefaultOpts(opts) var resource DataflowEndpointGroup err := ctx.RegisterResource("aws-native:groundstation:DataflowEndpointGroup", name, args, &resource, opts...) diff --git a/sdk/go/aws/groundstation/getDataflowEndpointGroup.go b/sdk/go/aws/groundstation/getDataflowEndpointGroup.go index 56e0d6f255..4aa62b22c2 100644 --- a/sdk/go/aws/groundstation/getDataflowEndpointGroup.go +++ b/sdk/go/aws/groundstation/getDataflowEndpointGroup.go @@ -31,12 +31,6 @@ type LookupDataflowEndpointGroupArgs struct { type LookupDataflowEndpointGroupResult struct { // The ARN of the dataflow endpoint group, such as `arn:aws:groundstation:us-east-2:1234567890:dataflow-endpoint-group/9940bf3b-d2ba-427e-9906-842b5e5d2296` . Arn *string `pulumi:"arn"` - // Amount of time, in seconds, after a contact ends that the Ground Station Dataflow Endpoint Group will be in a POSTPASS state. A Ground Station Dataflow Endpoint Group State Change event will be emitted when the Dataflow Endpoint Group enters and exits the POSTPASS state. - ContactPostPassDurationSeconds *int `pulumi:"contactPostPassDurationSeconds"` - // Amount of time, in seconds, before a contact starts that the Ground Station Dataflow Endpoint Group will be in a PREPASS state. A Ground Station Dataflow Endpoint Group State Change event will be emitted when the Dataflow Endpoint Group enters and exits the PREPASS state. - ContactPrePassDurationSeconds *int `pulumi:"contactPrePassDurationSeconds"` - // List of Endpoint Details, containing address and port for each endpoint. - EndpointDetails []DataflowEndpointGroupEndpointDetails `pulumi:"endpointDetails"` // UUID of a dataflow endpoint group. Id *string `pulumi:"id"` // Tags assigned to a resource. @@ -80,23 +74,6 @@ func (o LookupDataflowEndpointGroupResultOutput) Arn() pulumi.StringPtrOutput { return o.ApplyT(func(v LookupDataflowEndpointGroupResult) *string { return v.Arn }).(pulumi.StringPtrOutput) } -// Amount of time, in seconds, after a contact ends that the Ground Station Dataflow Endpoint Group will be in a POSTPASS state. A Ground Station Dataflow Endpoint Group State Change event will be emitted when the Dataflow Endpoint Group enters and exits the POSTPASS state. -func (o LookupDataflowEndpointGroupResultOutput) ContactPostPassDurationSeconds() pulumi.IntPtrOutput { - return o.ApplyT(func(v LookupDataflowEndpointGroupResult) *int { return v.ContactPostPassDurationSeconds }).(pulumi.IntPtrOutput) -} - -// Amount of time, in seconds, before a contact starts that the Ground Station Dataflow Endpoint Group will be in a PREPASS state. A Ground Station Dataflow Endpoint Group State Change event will be emitted when the Dataflow Endpoint Group enters and exits the PREPASS state. -func (o LookupDataflowEndpointGroupResultOutput) ContactPrePassDurationSeconds() pulumi.IntPtrOutput { - return o.ApplyT(func(v LookupDataflowEndpointGroupResult) *int { return v.ContactPrePassDurationSeconds }).(pulumi.IntPtrOutput) -} - -// List of Endpoint Details, containing address and port for each endpoint. -func (o LookupDataflowEndpointGroupResultOutput) EndpointDetails() DataflowEndpointGroupEndpointDetailsArrayOutput { - return o.ApplyT(func(v LookupDataflowEndpointGroupResult) []DataflowEndpointGroupEndpointDetails { - return v.EndpointDetails - }).(DataflowEndpointGroupEndpointDetailsArrayOutput) -} - // UUID of a dataflow endpoint group. func (o LookupDataflowEndpointGroupResultOutput) Id() pulumi.StringPtrOutput { return o.ApplyT(func(v LookupDataflowEndpointGroupResult) *string { return v.Id }).(pulumi.StringPtrOutput) diff --git a/sdk/go/aws/groundstation/pulumiTypes.go b/sdk/go/aws/groundstation/pulumiTypes.go index 098f55c008..c94de108a8 100644 --- a/sdk/go/aws/groundstation/pulumiTypes.go +++ b/sdk/go/aws/groundstation/pulumiTypes.go @@ -4066,7 +4066,8 @@ func (o MissionProfileDataflowEdgeArrayOutput) Index(i pulumi.IntInput) MissionP type MissionProfileStreamsKmsKey struct { // KMS Alias Arn. - KmsAliasArn *string `pulumi:"kmsAliasArn"` + KmsAliasArn *string `pulumi:"kmsAliasArn"` + KmsAliasName *string `pulumi:"kmsAliasName"` // KMS Key Arn. KmsKeyArn *string `pulumi:"kmsKeyArn"` } @@ -4084,7 +4085,8 @@ type MissionProfileStreamsKmsKeyInput interface { type MissionProfileStreamsKmsKeyArgs struct { // KMS Alias Arn. - KmsAliasArn pulumi.StringPtrInput `pulumi:"kmsAliasArn"` + KmsAliasArn pulumi.StringPtrInput `pulumi:"kmsAliasArn"` + KmsAliasName pulumi.StringPtrInput `pulumi:"kmsAliasName"` // KMS Key Arn. KmsKeyArn pulumi.StringPtrInput `pulumi:"kmsKeyArn"` } @@ -4171,6 +4173,10 @@ func (o MissionProfileStreamsKmsKeyOutput) KmsAliasArn() pulumi.StringPtrOutput return o.ApplyT(func(v MissionProfileStreamsKmsKey) *string { return v.KmsAliasArn }).(pulumi.StringPtrOutput) } +func (o MissionProfileStreamsKmsKeyOutput) KmsAliasName() pulumi.StringPtrOutput { + return o.ApplyT(func(v MissionProfileStreamsKmsKey) *string { return v.KmsAliasName }).(pulumi.StringPtrOutput) +} + // KMS Key Arn. func (o MissionProfileStreamsKmsKeyOutput) KmsKeyArn() pulumi.StringPtrOutput { return o.ApplyT(func(v MissionProfileStreamsKmsKey) *string { return v.KmsKeyArn }).(pulumi.StringPtrOutput) @@ -4210,6 +4216,15 @@ func (o MissionProfileStreamsKmsKeyPtrOutput) KmsAliasArn() pulumi.StringPtrOutp }).(pulumi.StringPtrOutput) } +func (o MissionProfileStreamsKmsKeyPtrOutput) KmsAliasName() pulumi.StringPtrOutput { + return o.ApplyT(func(v *MissionProfileStreamsKmsKey) *string { + if v == nil { + return nil + } + return v.KmsAliasName + }).(pulumi.StringPtrOutput) +} + // KMS Key Arn. func (o MissionProfileStreamsKmsKeyPtrOutput) KmsKeyArn() pulumi.StringPtrOutput { return o.ApplyT(func(v *MissionProfileStreamsKmsKey) *string { diff --git a/sdk/go/aws/s3objectlambda/pulumiTypes.go b/sdk/go/aws/s3objectlambda/pulumiTypes.go index 3d1727cde0..c2c43b06b2 100644 --- a/sdk/go/aws/s3objectlambda/pulumiTypes.go +++ b/sdk/go/aws/s3objectlambda/pulumiTypes.go @@ -477,7 +477,7 @@ func (o AccessPointPublicAccessBlockConfigurationPtrOutput) RestrictPublicBucket // Configuration to define what content transformation will be applied on which S3 Action. type AccessPointTransformationConfiguration struct { - // A container for the action of an Object Lambda Access Point configuration. Valid inputs are `GetObject` , `HeadObject` , `ListObjects` , and `ListObjectsV2` . + // A container for the action of an Object Lambda Access Point configuration. Valid inputs are `GetObject` , `HeadObject` , `ListObject` , and `ListObjectV2` . Actions []string `pulumi:"actions"` // A container for the content transformation of an Object Lambda Access Point configuration. Can include the FunctionArn and FunctionPayload. For more information, see [AwsLambdaTransformation](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_AwsLambdaTransformation.html) in the *Amazon S3 API Reference* . ContentTransformation AccessPointTransformationConfigurationContentTransformationProperties `pulumi:"contentTransformation"` @@ -496,7 +496,7 @@ type AccessPointTransformationConfigurationInput interface { // Configuration to define what content transformation will be applied on which S3 Action. type AccessPointTransformationConfigurationArgs struct { - // A container for the action of an Object Lambda Access Point configuration. Valid inputs are `GetObject` , `HeadObject` , `ListObjects` , and `ListObjectsV2` . + // A container for the action of an Object Lambda Access Point configuration. Valid inputs are `GetObject` , `HeadObject` , `ListObject` , and `ListObjectV2` . Actions pulumi.StringArrayInput `pulumi:"actions"` // A container for the content transformation of an Object Lambda Access Point configuration. Can include the FunctionArn and FunctionPayload. For more information, see [AwsLambdaTransformation](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_AwsLambdaTransformation.html) in the *Amazon S3 API Reference* . ContentTransformation AccessPointTransformationConfigurationContentTransformationPropertiesInput `pulumi:"contentTransformation"` @@ -554,7 +554,7 @@ func (o AccessPointTransformationConfigurationOutput) ToAccessPointTransformatio return o } -// A container for the action of an Object Lambda Access Point configuration. Valid inputs are `GetObject` , `HeadObject` , `ListObjects` , and `ListObjectsV2` . +// A container for the action of an Object Lambda Access Point configuration. Valid inputs are `GetObject` , `HeadObject` , `ListObject` , and `ListObjectV2` . func (o AccessPointTransformationConfigurationOutput) Actions() pulumi.StringArrayOutput { return o.ApplyT(func(v AccessPointTransformationConfiguration) []string { return v.Actions }).(pulumi.StringArrayOutput) } diff --git a/sdk/go/aws/transfer/getWebApp.go b/sdk/go/aws/transfer/getWebApp.go new file mode 100644 index 0000000000..9b32c7792f --- /dev/null +++ b/sdk/go/aws/transfer/getWebApp.go @@ -0,0 +1,121 @@ +// Code generated by pulumi-language-go DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package transfer + +import ( + "context" + "reflect" + + "github.com/pulumi/pulumi-aws-native/sdk/go/aws" + "github.com/pulumi/pulumi-aws-native/sdk/go/aws/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// Resource Type definition for AWS::Transfer::WebApp +func LookupWebApp(ctx *pulumi.Context, args *LookupWebAppArgs, opts ...pulumi.InvokeOption) (*LookupWebAppResult, error) { + opts = internal.PkgInvokeDefaultOpts(opts) + var rv LookupWebAppResult + err := ctx.Invoke("aws-native:transfer:getWebApp", args, &rv, opts...) + if err != nil { + return nil, err + } + return &rv, nil +} + +type LookupWebAppArgs struct { + // Specifies the unique Amazon Resource Name (ARN) for the web app. + Arn string `pulumi:"arn"` +} + +type LookupWebAppResult struct { + // The AccessEndpoint is the URL that you provide to your users for them to interact with the Transfer Family web app. You can specify a custom URL or use the default value. + AccessEndpoint *string `pulumi:"accessEndpoint"` + // Specifies the unique Amazon Resource Name (ARN) for the web app. + Arn *string `pulumi:"arn"` + // You can provide a structure that contains the details for the identity provider to use with your web app. + // + // For more details about this parameter, see [Configure your identity provider for Transfer Family web apps](https://docs.aws.amazon.com//transfer/latest/userguide/webapp-identity-center.html) . + IdentityProviderDetails *WebAppIdentityProviderDetails `pulumi:"identityProviderDetails"` + // Key-value pairs that can be used to group and search for web apps. + Tags []aws.Tag `pulumi:"tags"` + // A structure that contains the customization fields for the web app. You can provide a title, logo, and icon to customize the appearance of your web app. + WebAppCustomization *WebAppCustomization `pulumi:"webAppCustomization"` + // A unique identifier for the web app. + WebAppId *string `pulumi:"webAppId"` + // A union that contains the value for number of concurrent connections or the user sessions on your web app. + WebAppUnits *WebAppUnitsProperties `pulumi:"webAppUnits"` +} + +func LookupWebAppOutput(ctx *pulumi.Context, args LookupWebAppOutputArgs, opts ...pulumi.InvokeOption) LookupWebAppResultOutput { + return pulumi.ToOutputWithContext(ctx.Context(), args). + ApplyT(func(v interface{}) (LookupWebAppResultOutput, error) { + args := v.(LookupWebAppArgs) + options := pulumi.InvokeOutputOptions{InvokeOptions: internal.PkgInvokeDefaultOpts(opts)} + return ctx.InvokeOutput("aws-native:transfer:getWebApp", args, LookupWebAppResultOutput{}, options).(LookupWebAppResultOutput), nil + }).(LookupWebAppResultOutput) +} + +type LookupWebAppOutputArgs struct { + // Specifies the unique Amazon Resource Name (ARN) for the web app. + Arn pulumi.StringInput `pulumi:"arn"` +} + +func (LookupWebAppOutputArgs) ElementType() reflect.Type { + return reflect.TypeOf((*LookupWebAppArgs)(nil)).Elem() +} + +type LookupWebAppResultOutput struct{ *pulumi.OutputState } + +func (LookupWebAppResultOutput) ElementType() reflect.Type { + return reflect.TypeOf((*LookupWebAppResult)(nil)).Elem() +} + +func (o LookupWebAppResultOutput) ToLookupWebAppResultOutput() LookupWebAppResultOutput { + return o +} + +func (o LookupWebAppResultOutput) ToLookupWebAppResultOutputWithContext(ctx context.Context) LookupWebAppResultOutput { + return o +} + +// The AccessEndpoint is the URL that you provide to your users for them to interact with the Transfer Family web app. You can specify a custom URL or use the default value. +func (o LookupWebAppResultOutput) AccessEndpoint() pulumi.StringPtrOutput { + return o.ApplyT(func(v LookupWebAppResult) *string { return v.AccessEndpoint }).(pulumi.StringPtrOutput) +} + +// Specifies the unique Amazon Resource Name (ARN) for the web app. +func (o LookupWebAppResultOutput) Arn() pulumi.StringPtrOutput { + return o.ApplyT(func(v LookupWebAppResult) *string { return v.Arn }).(pulumi.StringPtrOutput) +} + +// You can provide a structure that contains the details for the identity provider to use with your web app. +// +// For more details about this parameter, see [Configure your identity provider for Transfer Family web apps](https://docs.aws.amazon.com//transfer/latest/userguide/webapp-identity-center.html) . +func (o LookupWebAppResultOutput) IdentityProviderDetails() WebAppIdentityProviderDetailsPtrOutput { + return o.ApplyT(func(v LookupWebAppResult) *WebAppIdentityProviderDetails { return v.IdentityProviderDetails }).(WebAppIdentityProviderDetailsPtrOutput) +} + +// Key-value pairs that can be used to group and search for web apps. +func (o LookupWebAppResultOutput) Tags() aws.TagArrayOutput { + return o.ApplyT(func(v LookupWebAppResult) []aws.Tag { return v.Tags }).(aws.TagArrayOutput) +} + +// A structure that contains the customization fields for the web app. You can provide a title, logo, and icon to customize the appearance of your web app. +func (o LookupWebAppResultOutput) WebAppCustomization() WebAppCustomizationPtrOutput { + return o.ApplyT(func(v LookupWebAppResult) *WebAppCustomization { return v.WebAppCustomization }).(WebAppCustomizationPtrOutput) +} + +// A unique identifier for the web app. +func (o LookupWebAppResultOutput) WebAppId() pulumi.StringPtrOutput { + return o.ApplyT(func(v LookupWebAppResult) *string { return v.WebAppId }).(pulumi.StringPtrOutput) +} + +// A union that contains the value for number of concurrent connections or the user sessions on your web app. +func (o LookupWebAppResultOutput) WebAppUnits() WebAppUnitsPropertiesPtrOutput { + return o.ApplyT(func(v LookupWebAppResult) *WebAppUnitsProperties { return v.WebAppUnits }).(WebAppUnitsPropertiesPtrOutput) +} + +func init() { + pulumi.RegisterOutputType(LookupWebAppResultOutput{}) +} diff --git a/sdk/go/aws/transfer/init.go b/sdk/go/aws/transfer/init.go index 8894dd4def..ffd82f6a41 100644 --- a/sdk/go/aws/transfer/init.go +++ b/sdk/go/aws/transfer/init.go @@ -33,6 +33,8 @@ func (m *module) Construct(ctx *pulumi.Context, name, typ, urn string) (r pulumi r = &Server{} case "aws-native:transfer:User": r = &User{} + case "aws-native:transfer:WebApp": + r = &WebApp{} case "aws-native:transfer:Workflow": r = &Workflow{} default: diff --git a/sdk/go/aws/transfer/pulumiTypes.go b/sdk/go/aws/transfer/pulumiTypes.go index 4a36246911..cf99cda8eb 100644 --- a/sdk/go/aws/transfer/pulumiTypes.go +++ b/sdk/go/aws/transfer/pulumiTypes.go @@ -2098,6 +2098,457 @@ type UserTag struct { Value string `pulumi:"value"` } +type WebAppCustomization struct { + // Specifies a favicon to display in the browser tab. + FaviconFile *string `pulumi:"faviconFile"` + // Specifies a logo to display on the web app. + LogoFile *string `pulumi:"logoFile"` + // Specifies a title to display on the web app. + Title *string `pulumi:"title"` +} + +// WebAppCustomizationInput is an input type that accepts WebAppCustomizationArgs and WebAppCustomizationOutput values. +// You can construct a concrete instance of `WebAppCustomizationInput` via: +// +// WebAppCustomizationArgs{...} +type WebAppCustomizationInput interface { + pulumi.Input + + ToWebAppCustomizationOutput() WebAppCustomizationOutput + ToWebAppCustomizationOutputWithContext(context.Context) WebAppCustomizationOutput +} + +type WebAppCustomizationArgs struct { + // Specifies a favicon to display in the browser tab. + FaviconFile pulumi.StringPtrInput `pulumi:"faviconFile"` + // Specifies a logo to display on the web app. + LogoFile pulumi.StringPtrInput `pulumi:"logoFile"` + // Specifies a title to display on the web app. + Title pulumi.StringPtrInput `pulumi:"title"` +} + +func (WebAppCustomizationArgs) ElementType() reflect.Type { + return reflect.TypeOf((*WebAppCustomization)(nil)).Elem() +} + +func (i WebAppCustomizationArgs) ToWebAppCustomizationOutput() WebAppCustomizationOutput { + return i.ToWebAppCustomizationOutputWithContext(context.Background()) +} + +func (i WebAppCustomizationArgs) ToWebAppCustomizationOutputWithContext(ctx context.Context) WebAppCustomizationOutput { + return pulumi.ToOutputWithContext(ctx, i).(WebAppCustomizationOutput) +} + +func (i WebAppCustomizationArgs) ToWebAppCustomizationPtrOutput() WebAppCustomizationPtrOutput { + return i.ToWebAppCustomizationPtrOutputWithContext(context.Background()) +} + +func (i WebAppCustomizationArgs) ToWebAppCustomizationPtrOutputWithContext(ctx context.Context) WebAppCustomizationPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(WebAppCustomizationOutput).ToWebAppCustomizationPtrOutputWithContext(ctx) +} + +// WebAppCustomizationPtrInput is an input type that accepts WebAppCustomizationArgs, WebAppCustomizationPtr and WebAppCustomizationPtrOutput values. +// You can construct a concrete instance of `WebAppCustomizationPtrInput` via: +// +// WebAppCustomizationArgs{...} +// +// or: +// +// nil +type WebAppCustomizationPtrInput interface { + pulumi.Input + + ToWebAppCustomizationPtrOutput() WebAppCustomizationPtrOutput + ToWebAppCustomizationPtrOutputWithContext(context.Context) WebAppCustomizationPtrOutput +} + +type webAppCustomizationPtrType WebAppCustomizationArgs + +func WebAppCustomizationPtr(v *WebAppCustomizationArgs) WebAppCustomizationPtrInput { + return (*webAppCustomizationPtrType)(v) +} + +func (*webAppCustomizationPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**WebAppCustomization)(nil)).Elem() +} + +func (i *webAppCustomizationPtrType) ToWebAppCustomizationPtrOutput() WebAppCustomizationPtrOutput { + return i.ToWebAppCustomizationPtrOutputWithContext(context.Background()) +} + +func (i *webAppCustomizationPtrType) ToWebAppCustomizationPtrOutputWithContext(ctx context.Context) WebAppCustomizationPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(WebAppCustomizationPtrOutput) +} + +type WebAppCustomizationOutput struct{ *pulumi.OutputState } + +func (WebAppCustomizationOutput) ElementType() reflect.Type { + return reflect.TypeOf((*WebAppCustomization)(nil)).Elem() +} + +func (o WebAppCustomizationOutput) ToWebAppCustomizationOutput() WebAppCustomizationOutput { + return o +} + +func (o WebAppCustomizationOutput) ToWebAppCustomizationOutputWithContext(ctx context.Context) WebAppCustomizationOutput { + return o +} + +func (o WebAppCustomizationOutput) ToWebAppCustomizationPtrOutput() WebAppCustomizationPtrOutput { + return o.ToWebAppCustomizationPtrOutputWithContext(context.Background()) +} + +func (o WebAppCustomizationOutput) ToWebAppCustomizationPtrOutputWithContext(ctx context.Context) WebAppCustomizationPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v WebAppCustomization) *WebAppCustomization { + return &v + }).(WebAppCustomizationPtrOutput) +} + +// Specifies a favicon to display in the browser tab. +func (o WebAppCustomizationOutput) FaviconFile() pulumi.StringPtrOutput { + return o.ApplyT(func(v WebAppCustomization) *string { return v.FaviconFile }).(pulumi.StringPtrOutput) +} + +// Specifies a logo to display on the web app. +func (o WebAppCustomizationOutput) LogoFile() pulumi.StringPtrOutput { + return o.ApplyT(func(v WebAppCustomization) *string { return v.LogoFile }).(pulumi.StringPtrOutput) +} + +// Specifies a title to display on the web app. +func (o WebAppCustomizationOutput) Title() pulumi.StringPtrOutput { + return o.ApplyT(func(v WebAppCustomization) *string { return v.Title }).(pulumi.StringPtrOutput) +} + +type WebAppCustomizationPtrOutput struct{ *pulumi.OutputState } + +func (WebAppCustomizationPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**WebAppCustomization)(nil)).Elem() +} + +func (o WebAppCustomizationPtrOutput) ToWebAppCustomizationPtrOutput() WebAppCustomizationPtrOutput { + return o +} + +func (o WebAppCustomizationPtrOutput) ToWebAppCustomizationPtrOutputWithContext(ctx context.Context) WebAppCustomizationPtrOutput { + return o +} + +func (o WebAppCustomizationPtrOutput) Elem() WebAppCustomizationOutput { + return o.ApplyT(func(v *WebAppCustomization) WebAppCustomization { + if v != nil { + return *v + } + var ret WebAppCustomization + return ret + }).(WebAppCustomizationOutput) +} + +// Specifies a favicon to display in the browser tab. +func (o WebAppCustomizationPtrOutput) FaviconFile() pulumi.StringPtrOutput { + return o.ApplyT(func(v *WebAppCustomization) *string { + if v == nil { + return nil + } + return v.FaviconFile + }).(pulumi.StringPtrOutput) +} + +// Specifies a logo to display on the web app. +func (o WebAppCustomizationPtrOutput) LogoFile() pulumi.StringPtrOutput { + return o.ApplyT(func(v *WebAppCustomization) *string { + if v == nil { + return nil + } + return v.LogoFile + }).(pulumi.StringPtrOutput) +} + +// Specifies a title to display on the web app. +func (o WebAppCustomizationPtrOutput) Title() pulumi.StringPtrOutput { + return o.ApplyT(func(v *WebAppCustomization) *string { + if v == nil { + return nil + } + return v.Title + }).(pulumi.StringPtrOutput) +} + +// You can provide a structure that contains the details for the identity provider to use with your web app. +type WebAppIdentityProviderDetails struct { + // The Amazon Resource Name (ARN) for the IAM Identity Center application: this value is set automatically when you create your web app. + ApplicationArn *string `pulumi:"applicationArn"` + // The Amazon Resource Name (ARN) for the IAM Identity Center used for the web app. + InstanceArn *string `pulumi:"instanceArn"` + // The IAM role in IAM Identity Center used for the web app. + Role *string `pulumi:"role"` +} + +// WebAppIdentityProviderDetailsInput is an input type that accepts WebAppIdentityProviderDetailsArgs and WebAppIdentityProviderDetailsOutput values. +// You can construct a concrete instance of `WebAppIdentityProviderDetailsInput` via: +// +// WebAppIdentityProviderDetailsArgs{...} +type WebAppIdentityProviderDetailsInput interface { + pulumi.Input + + ToWebAppIdentityProviderDetailsOutput() WebAppIdentityProviderDetailsOutput + ToWebAppIdentityProviderDetailsOutputWithContext(context.Context) WebAppIdentityProviderDetailsOutput +} + +// You can provide a structure that contains the details for the identity provider to use with your web app. +type WebAppIdentityProviderDetailsArgs struct { + // The Amazon Resource Name (ARN) for the IAM Identity Center application: this value is set automatically when you create your web app. + ApplicationArn pulumi.StringPtrInput `pulumi:"applicationArn"` + // The Amazon Resource Name (ARN) for the IAM Identity Center used for the web app. + InstanceArn pulumi.StringPtrInput `pulumi:"instanceArn"` + // The IAM role in IAM Identity Center used for the web app. + Role pulumi.StringPtrInput `pulumi:"role"` +} + +func (WebAppIdentityProviderDetailsArgs) ElementType() reflect.Type { + return reflect.TypeOf((*WebAppIdentityProviderDetails)(nil)).Elem() +} + +func (i WebAppIdentityProviderDetailsArgs) ToWebAppIdentityProviderDetailsOutput() WebAppIdentityProviderDetailsOutput { + return i.ToWebAppIdentityProviderDetailsOutputWithContext(context.Background()) +} + +func (i WebAppIdentityProviderDetailsArgs) ToWebAppIdentityProviderDetailsOutputWithContext(ctx context.Context) WebAppIdentityProviderDetailsOutput { + return pulumi.ToOutputWithContext(ctx, i).(WebAppIdentityProviderDetailsOutput) +} + +// You can provide a structure that contains the details for the identity provider to use with your web app. +type WebAppIdentityProviderDetailsOutput struct{ *pulumi.OutputState } + +func (WebAppIdentityProviderDetailsOutput) ElementType() reflect.Type { + return reflect.TypeOf((*WebAppIdentityProviderDetails)(nil)).Elem() +} + +func (o WebAppIdentityProviderDetailsOutput) ToWebAppIdentityProviderDetailsOutput() WebAppIdentityProviderDetailsOutput { + return o +} + +func (o WebAppIdentityProviderDetailsOutput) ToWebAppIdentityProviderDetailsOutputWithContext(ctx context.Context) WebAppIdentityProviderDetailsOutput { + return o +} + +// The Amazon Resource Name (ARN) for the IAM Identity Center application: this value is set automatically when you create your web app. +func (o WebAppIdentityProviderDetailsOutput) ApplicationArn() pulumi.StringPtrOutput { + return o.ApplyT(func(v WebAppIdentityProviderDetails) *string { return v.ApplicationArn }).(pulumi.StringPtrOutput) +} + +// The Amazon Resource Name (ARN) for the IAM Identity Center used for the web app. +func (o WebAppIdentityProviderDetailsOutput) InstanceArn() pulumi.StringPtrOutput { + return o.ApplyT(func(v WebAppIdentityProviderDetails) *string { return v.InstanceArn }).(pulumi.StringPtrOutput) +} + +// The IAM role in IAM Identity Center used for the web app. +func (o WebAppIdentityProviderDetailsOutput) Role() pulumi.StringPtrOutput { + return o.ApplyT(func(v WebAppIdentityProviderDetails) *string { return v.Role }).(pulumi.StringPtrOutput) +} + +type WebAppIdentityProviderDetailsPtrOutput struct{ *pulumi.OutputState } + +func (WebAppIdentityProviderDetailsPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**WebAppIdentityProviderDetails)(nil)).Elem() +} + +func (o WebAppIdentityProviderDetailsPtrOutput) ToWebAppIdentityProviderDetailsPtrOutput() WebAppIdentityProviderDetailsPtrOutput { + return o +} + +func (o WebAppIdentityProviderDetailsPtrOutput) ToWebAppIdentityProviderDetailsPtrOutputWithContext(ctx context.Context) WebAppIdentityProviderDetailsPtrOutput { + return o +} + +func (o WebAppIdentityProviderDetailsPtrOutput) Elem() WebAppIdentityProviderDetailsOutput { + return o.ApplyT(func(v *WebAppIdentityProviderDetails) WebAppIdentityProviderDetails { + if v != nil { + return *v + } + var ret WebAppIdentityProviderDetails + return ret + }).(WebAppIdentityProviderDetailsOutput) +} + +// The Amazon Resource Name (ARN) for the IAM Identity Center application: this value is set automatically when you create your web app. +func (o WebAppIdentityProviderDetailsPtrOutput) ApplicationArn() pulumi.StringPtrOutput { + return o.ApplyT(func(v *WebAppIdentityProviderDetails) *string { + if v == nil { + return nil + } + return v.ApplicationArn + }).(pulumi.StringPtrOutput) +} + +// The Amazon Resource Name (ARN) for the IAM Identity Center used for the web app. +func (o WebAppIdentityProviderDetailsPtrOutput) InstanceArn() pulumi.StringPtrOutput { + return o.ApplyT(func(v *WebAppIdentityProviderDetails) *string { + if v == nil { + return nil + } + return v.InstanceArn + }).(pulumi.StringPtrOutput) +} + +// The IAM role in IAM Identity Center used for the web app. +func (o WebAppIdentityProviderDetailsPtrOutput) Role() pulumi.StringPtrOutput { + return o.ApplyT(func(v *WebAppIdentityProviderDetails) *string { + if v == nil { + return nil + } + return v.Role + }).(pulumi.StringPtrOutput) +} + +// Key-value pair that can be used to group and search for web apps. +type WebAppTag struct { + // The name assigned to the tag that you create. + Key string `pulumi:"key"` + // Contains one or more values that you assigned to the key name you create. + Value string `pulumi:"value"` +} + +// A union that contains the value for number of concurrent connections or the user sessions on your web app. +type WebAppUnits0Properties struct { + Provisioned int `pulumi:"provisioned"` +} + +// A union that contains the value for number of concurrent connections or the user sessions on your web app. +type WebAppUnitsProperties struct { + Provisioned int `pulumi:"provisioned"` +} + +// WebAppUnitsPropertiesInput is an input type that accepts WebAppUnitsPropertiesArgs and WebAppUnitsPropertiesOutput values. +// You can construct a concrete instance of `WebAppUnitsPropertiesInput` via: +// +// WebAppUnitsPropertiesArgs{...} +type WebAppUnitsPropertiesInput interface { + pulumi.Input + + ToWebAppUnitsPropertiesOutput() WebAppUnitsPropertiesOutput + ToWebAppUnitsPropertiesOutputWithContext(context.Context) WebAppUnitsPropertiesOutput +} + +// A union that contains the value for number of concurrent connections or the user sessions on your web app. +type WebAppUnitsPropertiesArgs struct { + Provisioned pulumi.IntInput `pulumi:"provisioned"` +} + +func (WebAppUnitsPropertiesArgs) ElementType() reflect.Type { + return reflect.TypeOf((*WebAppUnitsProperties)(nil)).Elem() +} + +func (i WebAppUnitsPropertiesArgs) ToWebAppUnitsPropertiesOutput() WebAppUnitsPropertiesOutput { + return i.ToWebAppUnitsPropertiesOutputWithContext(context.Background()) +} + +func (i WebAppUnitsPropertiesArgs) ToWebAppUnitsPropertiesOutputWithContext(ctx context.Context) WebAppUnitsPropertiesOutput { + return pulumi.ToOutputWithContext(ctx, i).(WebAppUnitsPropertiesOutput) +} + +func (i WebAppUnitsPropertiesArgs) ToWebAppUnitsPropertiesPtrOutput() WebAppUnitsPropertiesPtrOutput { + return i.ToWebAppUnitsPropertiesPtrOutputWithContext(context.Background()) +} + +func (i WebAppUnitsPropertiesArgs) ToWebAppUnitsPropertiesPtrOutputWithContext(ctx context.Context) WebAppUnitsPropertiesPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(WebAppUnitsPropertiesOutput).ToWebAppUnitsPropertiesPtrOutputWithContext(ctx) +} + +// WebAppUnitsPropertiesPtrInput is an input type that accepts WebAppUnitsPropertiesArgs, WebAppUnitsPropertiesPtr and WebAppUnitsPropertiesPtrOutput values. +// You can construct a concrete instance of `WebAppUnitsPropertiesPtrInput` via: +// +// WebAppUnitsPropertiesArgs{...} +// +// or: +// +// nil +type WebAppUnitsPropertiesPtrInput interface { + pulumi.Input + + ToWebAppUnitsPropertiesPtrOutput() WebAppUnitsPropertiesPtrOutput + ToWebAppUnitsPropertiesPtrOutputWithContext(context.Context) WebAppUnitsPropertiesPtrOutput +} + +type webAppUnitsPropertiesPtrType WebAppUnitsPropertiesArgs + +func WebAppUnitsPropertiesPtr(v *WebAppUnitsPropertiesArgs) WebAppUnitsPropertiesPtrInput { + return (*webAppUnitsPropertiesPtrType)(v) +} + +func (*webAppUnitsPropertiesPtrType) ElementType() reflect.Type { + return reflect.TypeOf((**WebAppUnitsProperties)(nil)).Elem() +} + +func (i *webAppUnitsPropertiesPtrType) ToWebAppUnitsPropertiesPtrOutput() WebAppUnitsPropertiesPtrOutput { + return i.ToWebAppUnitsPropertiesPtrOutputWithContext(context.Background()) +} + +func (i *webAppUnitsPropertiesPtrType) ToWebAppUnitsPropertiesPtrOutputWithContext(ctx context.Context) WebAppUnitsPropertiesPtrOutput { + return pulumi.ToOutputWithContext(ctx, i).(WebAppUnitsPropertiesPtrOutput) +} + +// A union that contains the value for number of concurrent connections or the user sessions on your web app. +type WebAppUnitsPropertiesOutput struct{ *pulumi.OutputState } + +func (WebAppUnitsPropertiesOutput) ElementType() reflect.Type { + return reflect.TypeOf((*WebAppUnitsProperties)(nil)).Elem() +} + +func (o WebAppUnitsPropertiesOutput) ToWebAppUnitsPropertiesOutput() WebAppUnitsPropertiesOutput { + return o +} + +func (o WebAppUnitsPropertiesOutput) ToWebAppUnitsPropertiesOutputWithContext(ctx context.Context) WebAppUnitsPropertiesOutput { + return o +} + +func (o WebAppUnitsPropertiesOutput) ToWebAppUnitsPropertiesPtrOutput() WebAppUnitsPropertiesPtrOutput { + return o.ToWebAppUnitsPropertiesPtrOutputWithContext(context.Background()) +} + +func (o WebAppUnitsPropertiesOutput) ToWebAppUnitsPropertiesPtrOutputWithContext(ctx context.Context) WebAppUnitsPropertiesPtrOutput { + return o.ApplyTWithContext(ctx, func(_ context.Context, v WebAppUnitsProperties) *WebAppUnitsProperties { + return &v + }).(WebAppUnitsPropertiesPtrOutput) +} + +func (o WebAppUnitsPropertiesOutput) Provisioned() pulumi.IntOutput { + return o.ApplyT(func(v WebAppUnitsProperties) int { return v.Provisioned }).(pulumi.IntOutput) +} + +type WebAppUnitsPropertiesPtrOutput struct{ *pulumi.OutputState } + +func (WebAppUnitsPropertiesPtrOutput) ElementType() reflect.Type { + return reflect.TypeOf((**WebAppUnitsProperties)(nil)).Elem() +} + +func (o WebAppUnitsPropertiesPtrOutput) ToWebAppUnitsPropertiesPtrOutput() WebAppUnitsPropertiesPtrOutput { + return o +} + +func (o WebAppUnitsPropertiesPtrOutput) ToWebAppUnitsPropertiesPtrOutputWithContext(ctx context.Context) WebAppUnitsPropertiesPtrOutput { + return o +} + +func (o WebAppUnitsPropertiesPtrOutput) Elem() WebAppUnitsPropertiesOutput { + return o.ApplyT(func(v *WebAppUnitsProperties) WebAppUnitsProperties { + if v != nil { + return *v + } + var ret WebAppUnitsProperties + return ret + }).(WebAppUnitsPropertiesOutput) +} + +func (o WebAppUnitsPropertiesPtrOutput) Provisioned() pulumi.IntPtrOutput { + return o.ApplyT(func(v *WebAppUnitsProperties) *int { + if v == nil { + return nil + } + return &v.Provisioned + }).(pulumi.IntPtrOutput) +} + // Specifies the details for an EFS file. type WorkflowEfsInputFileLocation struct { // Specifies the EFS filesystem that contains the file. @@ -3936,6 +4387,11 @@ func init() { pulumi.RegisterInputType(reflect.TypeOf((*UserHomeDirectoryMapEntryArrayInput)(nil)).Elem(), UserHomeDirectoryMapEntryArray{}) pulumi.RegisterInputType(reflect.TypeOf((*UserPosixProfileInput)(nil)).Elem(), UserPosixProfileArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*UserPosixProfilePtrInput)(nil)).Elem(), UserPosixProfileArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*WebAppCustomizationInput)(nil)).Elem(), WebAppCustomizationArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*WebAppCustomizationPtrInput)(nil)).Elem(), WebAppCustomizationArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*WebAppIdentityProviderDetailsInput)(nil)).Elem(), WebAppIdentityProviderDetailsArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*WebAppUnitsPropertiesInput)(nil)).Elem(), WebAppUnitsPropertiesArgs{}) + pulumi.RegisterInputType(reflect.TypeOf((*WebAppUnitsPropertiesPtrInput)(nil)).Elem(), WebAppUnitsPropertiesArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*WorkflowEfsInputFileLocationInput)(nil)).Elem(), WorkflowEfsInputFileLocationArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*WorkflowEfsInputFileLocationPtrInput)(nil)).Elem(), WorkflowEfsInputFileLocationArgs{}) pulumi.RegisterInputType(reflect.TypeOf((*WorkflowInputFileLocationInput)(nil)).Elem(), WorkflowInputFileLocationArgs{}) @@ -3978,6 +4434,12 @@ func init() { pulumi.RegisterOutputType(UserHomeDirectoryMapEntryArrayOutput{}) pulumi.RegisterOutputType(UserPosixProfileOutput{}) pulumi.RegisterOutputType(UserPosixProfilePtrOutput{}) + pulumi.RegisterOutputType(WebAppCustomizationOutput{}) + pulumi.RegisterOutputType(WebAppCustomizationPtrOutput{}) + pulumi.RegisterOutputType(WebAppIdentityProviderDetailsOutput{}) + pulumi.RegisterOutputType(WebAppIdentityProviderDetailsPtrOutput{}) + pulumi.RegisterOutputType(WebAppUnitsPropertiesOutput{}) + pulumi.RegisterOutputType(WebAppUnitsPropertiesPtrOutput{}) pulumi.RegisterOutputType(WorkflowEfsInputFileLocationOutput{}) pulumi.RegisterOutputType(WorkflowEfsInputFileLocationPtrOutput{}) pulumi.RegisterOutputType(WorkflowInputFileLocationOutput{}) diff --git a/sdk/go/aws/transfer/webApp.go b/sdk/go/aws/transfer/webApp.go new file mode 100644 index 0000000000..cf7fa76c52 --- /dev/null +++ b/sdk/go/aws/transfer/webApp.go @@ -0,0 +1,192 @@ +// Code generated by pulumi-language-go DO NOT EDIT. +// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** + +package transfer + +import ( + "context" + "reflect" + + "errors" + "github.com/pulumi/pulumi-aws-native/sdk/go/aws" + "github.com/pulumi/pulumi-aws-native/sdk/go/aws/internal" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +// Resource Type definition for AWS::Transfer::WebApp +type WebApp struct { + pulumi.CustomResourceState + + // The AccessEndpoint is the URL that you provide to your users for them to interact with the Transfer Family web app. You can specify a custom URL or use the default value. + AccessEndpoint pulumi.StringPtrOutput `pulumi:"accessEndpoint"` + // Specifies the unique Amazon Resource Name (ARN) for the web app. + Arn pulumi.StringOutput `pulumi:"arn"` + // You can provide a structure that contains the details for the identity provider to use with your web app. + // + // For more details about this parameter, see [Configure your identity provider for Transfer Family web apps](https://docs.aws.amazon.com//transfer/latest/userguide/webapp-identity-center.html) . + IdentityProviderDetails WebAppIdentityProviderDetailsOutput `pulumi:"identityProviderDetails"` + // Key-value pairs that can be used to group and search for web apps. + Tags aws.TagArrayOutput `pulumi:"tags"` + // A structure that contains the customization fields for the web app. You can provide a title, logo, and icon to customize the appearance of your web app. + WebAppCustomization WebAppCustomizationPtrOutput `pulumi:"webAppCustomization"` + // A unique identifier for the web app. + WebAppId pulumi.StringOutput `pulumi:"webAppId"` + // A union that contains the value for number of concurrent connections or the user sessions on your web app. + WebAppUnits WebAppUnitsPropertiesPtrOutput `pulumi:"webAppUnits"` +} + +// NewWebApp registers a new resource with the given unique name, arguments, and options. +func NewWebApp(ctx *pulumi.Context, + name string, args *WebAppArgs, opts ...pulumi.ResourceOption) (*WebApp, error) { + if args == nil { + return nil, errors.New("missing one or more required arguments") + } + + if args.IdentityProviderDetails == nil { + return nil, errors.New("invalid value for required argument 'IdentityProviderDetails'") + } + replaceOnChanges := pulumi.ReplaceOnChanges([]string{ + "identityProviderDetails.instanceArn", + }) + opts = append(opts, replaceOnChanges) + opts = internal.PkgResourceDefaultOpts(opts) + var resource WebApp + err := ctx.RegisterResource("aws-native:transfer:WebApp", name, args, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// GetWebApp gets an existing WebApp resource's state with the given name, ID, and optional +// state properties that are used to uniquely qualify the lookup (nil if not required). +func GetWebApp(ctx *pulumi.Context, + name string, id pulumi.IDInput, state *WebAppState, opts ...pulumi.ResourceOption) (*WebApp, error) { + var resource WebApp + err := ctx.ReadResource("aws-native:transfer:WebApp", name, id, state, &resource, opts...) + if err != nil { + return nil, err + } + return &resource, nil +} + +// Input properties used for looking up and filtering WebApp resources. +type webAppState struct { +} + +type WebAppState struct { +} + +func (WebAppState) ElementType() reflect.Type { + return reflect.TypeOf((*webAppState)(nil)).Elem() +} + +type webAppArgs struct { + // The AccessEndpoint is the URL that you provide to your users for them to interact with the Transfer Family web app. You can specify a custom URL or use the default value. + AccessEndpoint *string `pulumi:"accessEndpoint"` + // You can provide a structure that contains the details for the identity provider to use with your web app. + // + // For more details about this parameter, see [Configure your identity provider for Transfer Family web apps](https://docs.aws.amazon.com//transfer/latest/userguide/webapp-identity-center.html) . + IdentityProviderDetails WebAppIdentityProviderDetails `pulumi:"identityProviderDetails"` + // Key-value pairs that can be used to group and search for web apps. + Tags []aws.Tag `pulumi:"tags"` + // A structure that contains the customization fields for the web app. You can provide a title, logo, and icon to customize the appearance of your web app. + WebAppCustomization *WebAppCustomization `pulumi:"webAppCustomization"` + // A union that contains the value for number of concurrent connections or the user sessions on your web app. + WebAppUnits *WebAppUnitsProperties `pulumi:"webAppUnits"` +} + +// The set of arguments for constructing a WebApp resource. +type WebAppArgs struct { + // The AccessEndpoint is the URL that you provide to your users for them to interact with the Transfer Family web app. You can specify a custom URL or use the default value. + AccessEndpoint pulumi.StringPtrInput + // You can provide a structure that contains the details for the identity provider to use with your web app. + // + // For more details about this parameter, see [Configure your identity provider for Transfer Family web apps](https://docs.aws.amazon.com//transfer/latest/userguide/webapp-identity-center.html) . + IdentityProviderDetails WebAppIdentityProviderDetailsInput + // Key-value pairs that can be used to group and search for web apps. + Tags aws.TagArrayInput + // A structure that contains the customization fields for the web app. You can provide a title, logo, and icon to customize the appearance of your web app. + WebAppCustomization WebAppCustomizationPtrInput + // A union that contains the value for number of concurrent connections or the user sessions on your web app. + WebAppUnits WebAppUnitsPropertiesPtrInput +} + +func (WebAppArgs) ElementType() reflect.Type { + return reflect.TypeOf((*webAppArgs)(nil)).Elem() +} + +type WebAppInput interface { + pulumi.Input + + ToWebAppOutput() WebAppOutput + ToWebAppOutputWithContext(ctx context.Context) WebAppOutput +} + +func (*WebApp) ElementType() reflect.Type { + return reflect.TypeOf((**WebApp)(nil)).Elem() +} + +func (i *WebApp) ToWebAppOutput() WebAppOutput { + return i.ToWebAppOutputWithContext(context.Background()) +} + +func (i *WebApp) ToWebAppOutputWithContext(ctx context.Context) WebAppOutput { + return pulumi.ToOutputWithContext(ctx, i).(WebAppOutput) +} + +type WebAppOutput struct{ *pulumi.OutputState } + +func (WebAppOutput) ElementType() reflect.Type { + return reflect.TypeOf((**WebApp)(nil)).Elem() +} + +func (o WebAppOutput) ToWebAppOutput() WebAppOutput { + return o +} + +func (o WebAppOutput) ToWebAppOutputWithContext(ctx context.Context) WebAppOutput { + return o +} + +// The AccessEndpoint is the URL that you provide to your users for them to interact with the Transfer Family web app. You can specify a custom URL or use the default value. +func (o WebAppOutput) AccessEndpoint() pulumi.StringPtrOutput { + return o.ApplyT(func(v *WebApp) pulumi.StringPtrOutput { return v.AccessEndpoint }).(pulumi.StringPtrOutput) +} + +// Specifies the unique Amazon Resource Name (ARN) for the web app. +func (o WebAppOutput) Arn() pulumi.StringOutput { + return o.ApplyT(func(v *WebApp) pulumi.StringOutput { return v.Arn }).(pulumi.StringOutput) +} + +// You can provide a structure that contains the details for the identity provider to use with your web app. +// +// For more details about this parameter, see [Configure your identity provider for Transfer Family web apps](https://docs.aws.amazon.com//transfer/latest/userguide/webapp-identity-center.html) . +func (o WebAppOutput) IdentityProviderDetails() WebAppIdentityProviderDetailsOutput { + return o.ApplyT(func(v *WebApp) WebAppIdentityProviderDetailsOutput { return v.IdentityProviderDetails }).(WebAppIdentityProviderDetailsOutput) +} + +// Key-value pairs that can be used to group and search for web apps. +func (o WebAppOutput) Tags() aws.TagArrayOutput { + return o.ApplyT(func(v *WebApp) aws.TagArrayOutput { return v.Tags }).(aws.TagArrayOutput) +} + +// A structure that contains the customization fields for the web app. You can provide a title, logo, and icon to customize the appearance of your web app. +func (o WebAppOutput) WebAppCustomization() WebAppCustomizationPtrOutput { + return o.ApplyT(func(v *WebApp) WebAppCustomizationPtrOutput { return v.WebAppCustomization }).(WebAppCustomizationPtrOutput) +} + +// A unique identifier for the web app. +func (o WebAppOutput) WebAppId() pulumi.StringOutput { + return o.ApplyT(func(v *WebApp) pulumi.StringOutput { return v.WebAppId }).(pulumi.StringOutput) +} + +// A union that contains the value for number of concurrent connections or the user sessions on your web app. +func (o WebAppOutput) WebAppUnits() WebAppUnitsPropertiesPtrOutput { + return o.ApplyT(func(v *WebApp) WebAppUnitsPropertiesPtrOutput { return v.WebAppUnits }).(WebAppUnitsPropertiesPtrOutput) +} + +func init() { + pulumi.RegisterInputType(reflect.TypeOf((*WebAppInput)(nil)).Elem(), &WebApp{}) + pulumi.RegisterOutputType(WebAppOutput{}) +} diff --git a/sdk/nodejs/bedrock/agentAlias.ts b/sdk/nodejs/bedrock/agentAlias.ts index c29a832598..a85272a4d7 100644 --- a/sdk/nodejs/bedrock/agentAlias.ts +++ b/sdk/nodejs/bedrock/agentAlias.ts @@ -61,6 +61,7 @@ export class AgentAlias extends pulumi.CustomResource { * - FAILED – The agent alias API operation failed. * - UPDATING – The agent alias is being updated. * - DELETING – The agent alias is being deleted. + * - DISSOCIATED - The agent alias has no version associated with it. */ public /*out*/ readonly agentAliasStatus!: pulumi.Output; /** diff --git a/sdk/nodejs/bedrock/getAgentAlias.ts b/sdk/nodejs/bedrock/getAgentAlias.ts index 6b63186c69..c85ccbe804 100644 --- a/sdk/nodejs/bedrock/getAgentAlias.ts +++ b/sdk/nodejs/bedrock/getAgentAlias.ts @@ -54,6 +54,7 @@ export interface GetAgentAliasResult { * - FAILED – The agent alias API operation failed. * - UPDATING – The agent alias is being updated. * - DELETING – The agent alias is being deleted. + * - DISSOCIATED - The agent alias has no version associated with it. */ readonly agentAliasStatus?: enums.bedrock.AgentAliasStatus; /** diff --git a/sdk/nodejs/cognito/getUserPoolDomain.ts b/sdk/nodejs/cognito/getUserPoolDomain.ts index 3488124252..1e7951a512 100644 --- a/sdk/nodejs/cognito/getUserPoolDomain.ts +++ b/sdk/nodejs/cognito/getUserPoolDomain.ts @@ -13,15 +13,20 @@ import * as utilities from "../utilities"; export function getUserPoolDomain(args: GetUserPoolDomainArgs, opts?: pulumi.InvokeOptions): Promise { opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invoke("aws-native:cognito:getUserPoolDomain", { - "id": args.id, + "domain": args.domain, + "userPoolId": args.userPoolId, }, opts); } export interface GetUserPoolDomainArgs { /** - * The resource ID. + * The name of the domain that you want to update. For custom domains, this is the fully-qualified domain name, for example `auth.example.com` . For prefix domains, this is the prefix alone, such as `myprefix` . */ - id: string; + domain: string; + /** + * The ID of the user pool that is associated with the domain you're updating. + */ + userPoolId: string; } export interface GetUserPoolDomainResult { @@ -35,14 +40,6 @@ export interface GetUserPoolDomainResult { * When you create a custom domain, the passkey RP ID defaults to the custom domain. If you had a prefix domain active, this will cause passkey integration for your prefix domain to stop working due to a mismatch in RP ID. To keep the prefix domain passkey integration working, you can explicitly set RP ID to the prefix domain. */ readonly customDomainConfig?: outputs.cognito.UserPoolDomainCustomDomainConfigType; - /** - * The resource ID. - */ - readonly id?: string; - /** - * A version number that indicates the state of managed login for your domain. Version `1` is hosted UI (classic). Version `2` is the newer managed login with the branding designer. For more information, see [Managed login](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-managed-login.html) . - */ - readonly managedLoginVersion?: number; } /** * Resource Type definition for AWS::Cognito::UserPoolDomain @@ -50,13 +47,18 @@ export interface GetUserPoolDomainResult { export function getUserPoolDomainOutput(args: GetUserPoolDomainOutputArgs, opts?: pulumi.InvokeOutputOptions): pulumi.Output { opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); return pulumi.runtime.invokeOutput("aws-native:cognito:getUserPoolDomain", { - "id": args.id, + "domain": args.domain, + "userPoolId": args.userPoolId, }, opts); } export interface GetUserPoolDomainOutputArgs { /** - * The resource ID. + * The name of the domain that you want to update. For custom domains, this is the fully-qualified domain name, for example `auth.example.com` . For prefix domains, this is the prefix alone, such as `myprefix` . + */ + domain: pulumi.Input; + /** + * The ID of the user pool that is associated with the domain you're updating. */ - id: pulumi.Input; + userPoolId: pulumi.Input; } diff --git a/sdk/nodejs/cognito/userPoolDomain.ts b/sdk/nodejs/cognito/userPoolDomain.ts index a26a939ee4..e9dbad7b87 100644 --- a/sdk/nodejs/cognito/userPoolDomain.ts +++ b/sdk/nodejs/cognito/userPoolDomain.ts @@ -37,10 +37,6 @@ export class UserPoolDomain extends pulumi.CustomResource { return obj['__pulumiType'] === UserPoolDomain.__pulumiType; } - /** - * The resource ID. - */ - public /*out*/ readonly awsId!: pulumi.Output; /** * The Amazon CloudFront endpoint that you use as the target of the alias that you set up with your Domain Name Service (DNS) provider. */ @@ -85,10 +81,8 @@ export class UserPoolDomain extends pulumi.CustomResource { resourceInputs["domain"] = args ? args.domain : undefined; resourceInputs["managedLoginVersion"] = args ? args.managedLoginVersion : undefined; resourceInputs["userPoolId"] = args ? args.userPoolId : undefined; - resourceInputs["awsId"] = undefined /*out*/; resourceInputs["cloudFrontDistribution"] = undefined /*out*/; } else { - resourceInputs["awsId"] = undefined /*out*/; resourceInputs["cloudFrontDistribution"] = undefined /*out*/; resourceInputs["customDomainConfig"] = undefined /*out*/; resourceInputs["domain"] = undefined /*out*/; diff --git a/sdk/nodejs/connect/contactFlowVersion.ts b/sdk/nodejs/connect/contactFlowVersion.ts new file mode 100644 index 0000000000..de57aad710 --- /dev/null +++ b/sdk/nodejs/connect/contactFlowVersion.ts @@ -0,0 +1,103 @@ +// *** WARNING: this file was generated by pulumi-language-nodejs. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as utilities from "../utilities"; + +/** + * Resource Type Definition for ContactFlowVersion + */ +export class ContactFlowVersion extends pulumi.CustomResource { + /** + * Get an existing ContactFlowVersion resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param opts Optional settings to control the behavior of the CustomResource. + */ + public static get(name: string, id: pulumi.Input, opts?: pulumi.CustomResourceOptions): ContactFlowVersion { + return new ContactFlowVersion(name, undefined as any, { ...opts, id: id }); + } + + /** @internal */ + public static readonly __pulumiType = 'aws-native:connect:ContactFlowVersion'; + + /** + * Returns true if the given object is an instance of ContactFlowVersion. This is designed to work even + * when multiple copies of the Pulumi SDK have been loaded into the same process. + */ + public static isInstance(obj: any): obj is ContactFlowVersion { + if (obj === undefined || obj === null) { + return false; + } + return obj['__pulumiType'] === ContactFlowVersion.__pulumiType; + } + + /** + * The ARN of the contact flow this version is tied to. + */ + public readonly contactFlowId!: pulumi.Output; + /** + * The identifier of the contact flow version (ARN). + */ + public /*out*/ readonly contactFlowVersionArn!: pulumi.Output; + /** + * The description of the version. + */ + public readonly description!: pulumi.Output; + /** + * Indicates the checksum value of the latest published flow content + */ + public /*out*/ readonly flowContentSha256!: pulumi.Output; + /** + * The version number of this revision + */ + public /*out*/ readonly version!: pulumi.Output; + + /** + * Create a ContactFlowVersion resource with the given unique name, arguments, and options. + * + * @param name The _unique_ name of the resource. + * @param args The arguments to use to populate this resource's properties. + * @param opts A bag of options that control this resource's behavior. + */ + constructor(name: string, args: ContactFlowVersionArgs, opts?: pulumi.CustomResourceOptions) { + let resourceInputs: pulumi.Inputs = {}; + opts = opts || {}; + if (!opts.id) { + if ((!args || args.contactFlowId === undefined) && !opts.urn) { + throw new Error("Missing required property 'contactFlowId'"); + } + resourceInputs["contactFlowId"] = args ? args.contactFlowId : undefined; + resourceInputs["description"] = args ? args.description : undefined; + resourceInputs["contactFlowVersionArn"] = undefined /*out*/; + resourceInputs["flowContentSha256"] = undefined /*out*/; + resourceInputs["version"] = undefined /*out*/; + } else { + resourceInputs["contactFlowId"] = undefined /*out*/; + resourceInputs["contactFlowVersionArn"] = undefined /*out*/; + resourceInputs["description"] = undefined /*out*/; + resourceInputs["flowContentSha256"] = undefined /*out*/; + resourceInputs["version"] = undefined /*out*/; + } + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + const replaceOnChanges = { replaceOnChanges: ["contactFlowId", "description"] }; + opts = pulumi.mergeOptions(opts, replaceOnChanges); + super(ContactFlowVersion.__pulumiType, name, resourceInputs, opts); + } +} + +/** + * The set of arguments for constructing a ContactFlowVersion resource. + */ +export interface ContactFlowVersionArgs { + /** + * The ARN of the contact flow this version is tied to. + */ + contactFlowId: pulumi.Input; + /** + * The description of the version. + */ + description?: pulumi.Input; +} diff --git a/sdk/nodejs/connect/getContactFlowVersion.ts b/sdk/nodejs/connect/getContactFlowVersion.ts new file mode 100644 index 0000000000..1040aa4050 --- /dev/null +++ b/sdk/nodejs/connect/getContactFlowVersion.ts @@ -0,0 +1,53 @@ +// *** WARNING: this file was generated by pulumi-language-nodejs. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as utilities from "../utilities"; + +/** + * Resource Type Definition for ContactFlowVersion + */ +export function getContactFlowVersion(args: GetContactFlowVersionArgs, opts?: pulumi.InvokeOptions): Promise { + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); + return pulumi.runtime.invoke("aws-native:connect:getContactFlowVersion", { + "contactFlowVersionArn": args.contactFlowVersionArn, + }, opts); +} + +export interface GetContactFlowVersionArgs { + /** + * The identifier of the contact flow version (ARN). + */ + contactFlowVersionArn: string; +} + +export interface GetContactFlowVersionResult { + /** + * The identifier of the contact flow version (ARN). + */ + readonly contactFlowVersionArn?: string; + /** + * Indicates the checksum value of the latest published flow content + */ + readonly flowContentSha256?: string; + /** + * The version number of this revision + */ + readonly version?: number; +} +/** + * Resource Type Definition for ContactFlowVersion + */ +export function getContactFlowVersionOutput(args: GetContactFlowVersionOutputArgs, opts?: pulumi.InvokeOutputOptions): pulumi.Output { + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); + return pulumi.runtime.invokeOutput("aws-native:connect:getContactFlowVersion", { + "contactFlowVersionArn": args.contactFlowVersionArn, + }, opts); +} + +export interface GetContactFlowVersionOutputArgs { + /** + * The identifier of the contact flow version (ARN). + */ + contactFlowVersionArn: pulumi.Input; +} diff --git a/sdk/nodejs/connect/index.ts b/sdk/nodejs/connect/index.ts index c9b8cc3f06..3da2f044ac 100644 --- a/sdk/nodejs/connect/index.ts +++ b/sdk/nodejs/connect/index.ts @@ -25,6 +25,11 @@ export type ContactFlowModule = import("./contactFlowModule").ContactFlowModule; export const ContactFlowModule: typeof import("./contactFlowModule").ContactFlowModule = null as any; utilities.lazyLoad(exports, ["ContactFlowModule"], () => require("./contactFlowModule")); +export { ContactFlowVersionArgs } from "./contactFlowVersion"; +export type ContactFlowVersion = import("./contactFlowVersion").ContactFlowVersion; +export const ContactFlowVersion: typeof import("./contactFlowVersion").ContactFlowVersion = null as any; +utilities.lazyLoad(exports, ["ContactFlowVersion"], () => require("./contactFlowVersion")); + export { EmailAddressArgs } from "./emailAddress"; export type EmailAddress = import("./emailAddress").EmailAddress; export const EmailAddress: typeof import("./emailAddress").EmailAddress = null as any; @@ -50,6 +55,11 @@ export const getContactFlowModule: typeof import("./getContactFlowModule").getCo export const getContactFlowModuleOutput: typeof import("./getContactFlowModule").getContactFlowModuleOutput = null as any; utilities.lazyLoad(exports, ["getContactFlowModule","getContactFlowModuleOutput"], () => require("./getContactFlowModule")); +export { GetContactFlowVersionArgs, GetContactFlowVersionResult, GetContactFlowVersionOutputArgs } from "./getContactFlowVersion"; +export const getContactFlowVersion: typeof import("./getContactFlowVersion").getContactFlowVersion = null as any; +export const getContactFlowVersionOutput: typeof import("./getContactFlowVersion").getContactFlowVersionOutput = null as any; +utilities.lazyLoad(exports, ["getContactFlowVersion","getContactFlowVersionOutput"], () => require("./getContactFlowVersion")); + export { GetEmailAddressArgs, GetEmailAddressResult, GetEmailAddressOutputArgs } from "./getEmailAddress"; export const getEmailAddress: typeof import("./getEmailAddress").getEmailAddress = null as any; export const getEmailAddressOutput: typeof import("./getEmailAddress").getEmailAddressOutput = null as any; @@ -276,6 +286,8 @@ const _module = { return new ContactFlow(name, undefined, { urn }) case "aws-native:connect:ContactFlowModule": return new ContactFlowModule(name, undefined, { urn }) + case "aws-native:connect:ContactFlowVersion": + return new ContactFlowVersion(name, undefined, { urn }) case "aws-native:connect:EmailAddress": return new EmailAddress(name, undefined, { urn }) case "aws-native:connect:EvaluationForm": diff --git a/sdk/nodejs/datasync/getLocationSmb.ts b/sdk/nodejs/datasync/getLocationSmb.ts index 25e44213f6..702ecbefb6 100644 --- a/sdk/nodejs/datasync/getLocationSmb.ts +++ b/sdk/nodejs/datasync/getLocationSmb.ts @@ -29,10 +29,22 @@ export interface GetLocationSmbResult { * The Amazon Resource Names (ARNs) of agents to use for a Simple Message Block (SMB) location. */ readonly agentArns?: string[]; + /** + * The authentication mode used to determine identity of user. + */ + readonly authenticationType?: enums.datasync.LocationSmbAuthenticationType; + /** + * Specifies the IPv4 addresses for the DNS servers that your SMB file server belongs to. This parameter applies only if AuthenticationType is set to KERBEROS. If you have multiple domains in your environment, configuring this parameter makes sure that DataSync connects to the right SMB file server. + */ + readonly dnsIpAddresses?: string[]; /** * The name of the Windows domain that the SMB server belongs to. */ readonly domain?: string; + /** + * Specifies a service principal name (SPN), which is an identity in your Kerberos realm that has permission to access the files, folders, and file metadata in your SMB file server. SPNs are case sensitive and must include a prepended cifs/. For example, an SPN might look like cifs/kerberosuser@EXAMPLE.COM. Your task execution will fail if the SPN that you provide for this parameter doesn't match exactly what's in your keytab or krb5.conf files. + */ + readonly kerberosPrincipal?: string; /** * The Amazon Resource Name (ARN) of the SMB location that is created. */ diff --git a/sdk/nodejs/datasync/locationSmb.ts b/sdk/nodejs/datasync/locationSmb.ts index af98a53eb1..a6712bf33d 100644 --- a/sdk/nodejs/datasync/locationSmb.ts +++ b/sdk/nodejs/datasync/locationSmb.ts @@ -41,10 +41,30 @@ export class LocationSmb extends pulumi.CustomResource { * The Amazon Resource Names (ARNs) of agents to use for a Simple Message Block (SMB) location. */ public readonly agentArns!: pulumi.Output; + /** + * The authentication mode used to determine identity of user. + */ + public readonly authenticationType!: pulumi.Output; + /** + * Specifies the IPv4 addresses for the DNS servers that your SMB file server belongs to. This parameter applies only if AuthenticationType is set to KERBEROS. If you have multiple domains in your environment, configuring this parameter makes sure that DataSync connects to the right SMB file server. + */ + public readonly dnsIpAddresses!: pulumi.Output; /** * The name of the Windows domain that the SMB server belongs to. */ public readonly domain!: pulumi.Output; + /** + * The Base64 string representation of the Keytab file. Specifies your Kerberos key table (keytab) file, which includes mappings between your service principal name (SPN) and encryption keys. To avoid task execution errors, make sure that the SPN in the keytab file matches exactly what you specify for KerberosPrincipal and in your krb5.conf file. + */ + public readonly kerberosKeytab!: pulumi.Output; + /** + * The string representation of the Krb5Conf file, or the presigned URL to access the Krb5.conf file within an S3 bucket. Specifies a Kerberos configuration file (krb5.conf) that defines your Kerberos realm configuration. To avoid task execution errors, make sure that the service principal name (SPN) in the krb5.conf file matches exactly what you specify for KerberosPrincipal and in your keytab file. + */ + public readonly kerberosKrb5Conf!: pulumi.Output; + /** + * Specifies a service principal name (SPN), which is an identity in your Kerberos realm that has permission to access the files, folders, and file metadata in your SMB file server. SPNs are case sensitive and must include a prepended cifs/. For example, an SPN might look like cifs/kerberosuser@EXAMPLE.COM. Your task execution will fail if the SPN that you provide for this parameter doesn't match exactly what's in your keytab or krb5.conf files. + */ + public readonly kerberosPrincipal!: pulumi.Output; /** * The Amazon Resource Name (ARN) of the SMB location that is created. */ @@ -76,7 +96,7 @@ export class LocationSmb extends pulumi.CustomResource { /** * The user who can mount the share, has the permissions to access files and folders in the SMB share. */ - public readonly user!: pulumi.Output; + public readonly user!: pulumi.Output; /** * Create a LocationSmb resource with the given unique name, arguments, and options. @@ -92,11 +112,13 @@ export class LocationSmb extends pulumi.CustomResource { if ((!args || args.agentArns === undefined) && !opts.urn) { throw new Error("Missing required property 'agentArns'"); } - if ((!args || args.user === undefined) && !opts.urn) { - throw new Error("Missing required property 'user'"); - } resourceInputs["agentArns"] = args ? args.agentArns : undefined; + resourceInputs["authenticationType"] = args ? args.authenticationType : undefined; + resourceInputs["dnsIpAddresses"] = args ? args.dnsIpAddresses : undefined; resourceInputs["domain"] = args ? args.domain : undefined; + resourceInputs["kerberosKeytab"] = args ? args.kerberosKeytab : undefined; + resourceInputs["kerberosKrb5Conf"] = args ? args.kerberosKrb5Conf : undefined; + resourceInputs["kerberosPrincipal"] = args ? args.kerberosPrincipal : undefined; resourceInputs["mountOptions"] = args ? args.mountOptions : undefined; resourceInputs["password"] = args ? args.password : undefined; resourceInputs["serverHostname"] = args ? args.serverHostname : undefined; @@ -107,7 +129,12 @@ export class LocationSmb extends pulumi.CustomResource { resourceInputs["locationUri"] = undefined /*out*/; } else { resourceInputs["agentArns"] = undefined /*out*/; + resourceInputs["authenticationType"] = undefined /*out*/; + resourceInputs["dnsIpAddresses"] = undefined /*out*/; resourceInputs["domain"] = undefined /*out*/; + resourceInputs["kerberosKeytab"] = undefined /*out*/; + resourceInputs["kerberosKrb5Conf"] = undefined /*out*/; + resourceInputs["kerberosPrincipal"] = undefined /*out*/; resourceInputs["locationArn"] = undefined /*out*/; resourceInputs["locationUri"] = undefined /*out*/; resourceInputs["mountOptions"] = undefined /*out*/; @@ -118,8 +145,6 @@ export class LocationSmb extends pulumi.CustomResource { resourceInputs["user"] = undefined /*out*/; } opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); - const replaceOnChanges = { replaceOnChanges: ["serverHostname"] }; - opts = pulumi.mergeOptions(opts, replaceOnChanges); super(LocationSmb.__pulumiType, name, resourceInputs, opts); } } @@ -132,10 +157,30 @@ export interface LocationSmbArgs { * The Amazon Resource Names (ARNs) of agents to use for a Simple Message Block (SMB) location. */ agentArns: pulumi.Input[]>; + /** + * The authentication mode used to determine identity of user. + */ + authenticationType?: pulumi.Input; + /** + * Specifies the IPv4 addresses for the DNS servers that your SMB file server belongs to. This parameter applies only if AuthenticationType is set to KERBEROS. If you have multiple domains in your environment, configuring this parameter makes sure that DataSync connects to the right SMB file server. + */ + dnsIpAddresses?: pulumi.Input[]>; /** * The name of the Windows domain that the SMB server belongs to. */ domain?: pulumi.Input; + /** + * The Base64 string representation of the Keytab file. Specifies your Kerberos key table (keytab) file, which includes mappings between your service principal name (SPN) and encryption keys. To avoid task execution errors, make sure that the SPN in the keytab file matches exactly what you specify for KerberosPrincipal and in your krb5.conf file. + */ + kerberosKeytab?: pulumi.Input; + /** + * The string representation of the Krb5Conf file, or the presigned URL to access the Krb5.conf file within an S3 bucket. Specifies a Kerberos configuration file (krb5.conf) that defines your Kerberos realm configuration. To avoid task execution errors, make sure that the service principal name (SPN) in the krb5.conf file matches exactly what you specify for KerberosPrincipal and in your keytab file. + */ + kerberosKrb5Conf?: pulumi.Input; + /** + * Specifies a service principal name (SPN), which is an identity in your Kerberos realm that has permission to access the files, folders, and file metadata in your SMB file server. SPNs are case sensitive and must include a prepended cifs/. For example, an SPN might look like cifs/kerberosuser@EXAMPLE.COM. Your task execution will fail if the SPN that you provide for this parameter doesn't match exactly what's in your keytab or krb5.conf files. + */ + kerberosPrincipal?: pulumi.Input; /** * Specifies the version of the SMB protocol that DataSync uses to access your SMB file server. */ @@ -159,5 +204,5 @@ export interface LocationSmbArgs { /** * The user who can mount the share, has the permissions to access files and folders in the SMB share. */ - user: pulumi.Input; + user?: pulumi.Input; } diff --git a/sdk/nodejs/ecs/cluster.ts b/sdk/nodejs/ecs/cluster.ts index ac2a7fdbe2..e2deae96b4 100644 --- a/sdk/nodejs/ecs/cluster.ts +++ b/sdk/nodejs/ecs/cluster.ts @@ -53,7 +53,9 @@ export class Cluster extends pulumi.CustomResource { */ public readonly clusterName!: pulumi.Output; /** - * The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights for a cluster. + * The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights with enhanced observability or CloudWatch Container Insights for a cluster. + * Container Insights with enhanced observability provides all the Container Insights metrics, plus additional task and container metrics. This version supports enhanced observability for Amazon ECS clusters using the Amazon EC2 and Fargate launch types. After you configure Container Insights with enhanced observability on Amazon ECS, Container Insights auto-collects detailed infrastructure telemetry from the cluster level down to the container level in your environment and displays these critical performance data in curated dashboards removing the heavy lifting in observability set-up. + * For more information, see [Monitor Amazon ECS containers using Container Insights with enhanced observability](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cloudwatch-container-insights.html) in the *Amazon Elastic Container Service Developer Guide*. */ public readonly clusterSettings!: pulumi.Output; /** @@ -134,7 +136,9 @@ export interface ClusterArgs { */ clusterName?: pulumi.Input; /** - * The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights for a cluster. + * The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights with enhanced observability or CloudWatch Container Insights for a cluster. + * Container Insights with enhanced observability provides all the Container Insights metrics, plus additional task and container metrics. This version supports enhanced observability for Amazon ECS clusters using the Amazon EC2 and Fargate launch types. After you configure Container Insights with enhanced observability on Amazon ECS, Container Insights auto-collects detailed infrastructure telemetry from the cluster level down to the container level in your environment and displays these critical performance data in curated dashboards removing the heavy lifting in observability set-up. + * For more information, see [Monitor Amazon ECS containers using Container Insights with enhanced observability](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cloudwatch-container-insights.html) in the *Amazon Elastic Container Service Developer Guide*. */ clusterSettings?: pulumi.Input[]>; /** diff --git a/sdk/nodejs/ecs/getCluster.ts b/sdk/nodejs/ecs/getCluster.ts index 2600bc52b0..46efdbdfe3 100644 --- a/sdk/nodejs/ecs/getCluster.ts +++ b/sdk/nodejs/ecs/getCluster.ts @@ -37,7 +37,9 @@ export interface GetClusterResult { */ readonly capacityProviders?: string[]; /** - * The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights for a cluster. + * The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights with enhanced observability or CloudWatch Container Insights for a cluster. + * Container Insights with enhanced observability provides all the Container Insights metrics, plus additional task and container metrics. This version supports enhanced observability for Amazon ECS clusters using the Amazon EC2 and Fargate launch types. After you configure Container Insights with enhanced observability on Amazon ECS, Container Insights auto-collects detailed infrastructure telemetry from the cluster level down to the container level in your environment and displays these critical performance data in curated dashboards removing the heavy lifting in observability set-up. + * For more information, see [Monitor Amazon ECS containers using Container Insights with enhanced observability](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cloudwatch-container-insights.html) in the *Amazon Elastic Container Service Developer Guide*. */ readonly clusterSettings?: outputs.ecs.ClusterSettings[]; /** diff --git a/sdk/nodejs/efs/getMountTarget.ts b/sdk/nodejs/efs/getMountTarget.ts index 8d3fe44459..d385d9a3c9 100644 --- a/sdk/nodejs/efs/getMountTarget.ts +++ b/sdk/nodejs/efs/getMountTarget.ts @@ -31,7 +31,7 @@ export interface GetMountTargetResult { */ readonly id?: string; /** - * Up to five VPC security group IDs, of the form ``sg-xxxxxxxx``. These must be for the same VPC as subnet specified. + * VPC security group IDs, of the form ``sg-xxxxxxxx``. These must be for the same VPC as the subnet specified. The maximum number of security groups depends on account quota. For more information, see [Amazon VPC Quotas](https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html) in the *Amazon VPC User Guide* (see the *Security Groups* table). */ readonly securityGroups?: string[]; } diff --git a/sdk/nodejs/efs/mountTarget.ts b/sdk/nodejs/efs/mountTarget.ts index d640603e86..db8430271e 100644 --- a/sdk/nodejs/efs/mountTarget.ts +++ b/sdk/nodejs/efs/mountTarget.ts @@ -49,7 +49,7 @@ export class MountTarget extends pulumi.CustomResource { */ public readonly ipAddress!: pulumi.Output; /** - * Up to five VPC security group IDs, of the form ``sg-xxxxxxxx``. These must be for the same VPC as subnet specified. + * VPC security group IDs, of the form ``sg-xxxxxxxx``. These must be for the same VPC as the subnet specified. The maximum number of security groups depends on account quota. For more information, see [Amazon VPC Quotas](https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html) in the *Amazon VPC User Guide* (see the *Security Groups* table). */ public readonly securityGroups!: pulumi.Output; /** @@ -109,7 +109,7 @@ export interface MountTargetArgs { */ ipAddress?: pulumi.Input; /** - * Up to five VPC security group IDs, of the form ``sg-xxxxxxxx``. These must be for the same VPC as subnet specified. + * VPC security group IDs, of the form ``sg-xxxxxxxx``. These must be for the same VPC as the subnet specified. The maximum number of security groups depends on account quota. For more information, see [Amazon VPC Quotas](https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html) in the *Amazon VPC User Guide* (see the *Security Groups* table). */ securityGroups: pulumi.Input[]>; /** diff --git a/sdk/nodejs/emrcontainers/getVirtualCluster.ts b/sdk/nodejs/emrcontainers/getVirtualCluster.ts index 5eaa929a81..a3be4c4736 100644 --- a/sdk/nodejs/emrcontainers/getVirtualCluster.ts +++ b/sdk/nodejs/emrcontainers/getVirtualCluster.ts @@ -33,6 +33,10 @@ export interface GetVirtualClusterResult { * Id of the virtual cluster. */ readonly id?: string; + /** + * The ID of the security configuration. + */ + readonly securityConfigurationId?: string; /** * An array of key-value pairs to apply to this virtual cluster. */ diff --git a/sdk/nodejs/emrcontainers/virtualCluster.ts b/sdk/nodejs/emrcontainers/virtualCluster.ts index 293624b17e..cf51e56353 100644 --- a/sdk/nodejs/emrcontainers/virtualCluster.ts +++ b/sdk/nodejs/emrcontainers/virtualCluster.ts @@ -105,6 +105,10 @@ export class VirtualCluster extends pulumi.CustomResource { * Name of the virtual cluster. */ public readonly name!: pulumi.Output; + /** + * The ID of the security configuration. + */ + public readonly securityConfigurationId!: pulumi.Output; /** * An array of key-value pairs to apply to this virtual cluster. */ @@ -126,6 +130,7 @@ export class VirtualCluster extends pulumi.CustomResource { } resourceInputs["containerProvider"] = args ? args.containerProvider : undefined; resourceInputs["name"] = args ? args.name : undefined; + resourceInputs["securityConfigurationId"] = args ? args.securityConfigurationId : undefined; resourceInputs["tags"] = args ? args.tags : undefined; resourceInputs["arn"] = undefined /*out*/; resourceInputs["awsId"] = undefined /*out*/; @@ -134,6 +139,7 @@ export class VirtualCluster extends pulumi.CustomResource { resourceInputs["awsId"] = undefined /*out*/; resourceInputs["containerProvider"] = undefined /*out*/; resourceInputs["name"] = undefined /*out*/; + resourceInputs["securityConfigurationId"] = undefined /*out*/; resourceInputs["tags"] = undefined /*out*/; } opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); @@ -155,6 +161,10 @@ export interface VirtualClusterArgs { * Name of the virtual cluster. */ name?: pulumi.Input; + /** + * The ID of the security configuration. + */ + securityConfigurationId?: pulumi.Input; /** * An array of key-value pairs to apply to this virtual cluster. */ diff --git a/sdk/nodejs/fms/getPolicy.ts b/sdk/nodejs/fms/getPolicy.ts index d38b0a9b0f..cb11772f85 100644 --- a/sdk/nodejs/fms/getPolicy.ts +++ b/sdk/nodejs/fms/getPolicy.ts @@ -118,7 +118,7 @@ export interface GetPolicyResult { * * This contains the following settings: * - * - Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting AWS Support . + * - Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting . * * Valid values: `DNS_FIREWALL` | `NETWORK_FIREWALL` | `SECURITY_GROUPS_COMMON` | `SECURITY_GROUPS_CONTENT_AUDIT` | `SECURITY_GROUPS_USAGE_AUDIT` | `SHIELD_ADVANCED` | `THIRD_PARTY_FIREWALL` | `WAFV2` | `WAF` * - ManagedServiceData - Details about the service that are specific to the service type, in JSON format. diff --git a/sdk/nodejs/fms/policy.ts b/sdk/nodejs/fms/policy.ts index 4275efc360..b7d5af7bac 100644 --- a/sdk/nodejs/fms/policy.ts +++ b/sdk/nodejs/fms/policy.ts @@ -147,7 +147,7 @@ export class Policy extends pulumi.CustomResource { * * This contains the following settings: * - * - Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting AWS Support . + * - Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting . * * Valid values: `DNS_FIREWALL` | `NETWORK_FIREWALL` | `SECURITY_GROUPS_COMMON` | `SECURITY_GROUPS_CONTENT_AUDIT` | `SECURITY_GROUPS_USAGE_AUDIT` | `SHIELD_ADVANCED` | `THIRD_PARTY_FIREWALL` | `WAFV2` | `WAF` * - ManagedServiceData - Details about the service that are specific to the service type, in JSON format. @@ -404,7 +404,7 @@ export interface PolicyArgs { * * This contains the following settings: * - * - Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting AWS Support . + * - Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting . * * Valid values: `DNS_FIREWALL` | `NETWORK_FIREWALL` | `SECURITY_GROUPS_COMMON` | `SECURITY_GROUPS_CONTENT_AUDIT` | `SECURITY_GROUPS_USAGE_AUDIT` | `SHIELD_ADVANCED` | `THIRD_PARTY_FIREWALL` | `WAFV2` | `WAF` * - ManagedServiceData - Details about the service that are specific to the service type, in JSON format. diff --git a/sdk/nodejs/groundstation/dataflowEndpointGroup.ts b/sdk/nodejs/groundstation/dataflowEndpointGroup.ts index 6252127782..2ed341f8f2 100644 --- a/sdk/nodejs/groundstation/dataflowEndpointGroup.ts +++ b/sdk/nodejs/groundstation/dataflowEndpointGroup.ts @@ -116,6 +116,8 @@ export class DataflowEndpointGroup extends pulumi.CustomResource { resourceInputs["tags"] = undefined /*out*/; } opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + const replaceOnChanges = { replaceOnChanges: ["contactPostPassDurationSeconds", "contactPrePassDurationSeconds", "endpointDetails[*]"] }; + opts = pulumi.mergeOptions(opts, replaceOnChanges); super(DataflowEndpointGroup.__pulumiType, name, resourceInputs, opts); } } diff --git a/sdk/nodejs/groundstation/getDataflowEndpointGroup.ts b/sdk/nodejs/groundstation/getDataflowEndpointGroup.ts index 7f1c9fa985..100001056a 100644 --- a/sdk/nodejs/groundstation/getDataflowEndpointGroup.ts +++ b/sdk/nodejs/groundstation/getDataflowEndpointGroup.ts @@ -29,18 +29,6 @@ export interface GetDataflowEndpointGroupResult { * The ARN of the dataflow endpoint group, such as `arn:aws:groundstation:us-east-2:1234567890:dataflow-endpoint-group/9940bf3b-d2ba-427e-9906-842b5e5d2296` . */ readonly arn?: string; - /** - * Amount of time, in seconds, after a contact ends that the Ground Station Dataflow Endpoint Group will be in a POSTPASS state. A Ground Station Dataflow Endpoint Group State Change event will be emitted when the Dataflow Endpoint Group enters and exits the POSTPASS state. - */ - readonly contactPostPassDurationSeconds?: number; - /** - * Amount of time, in seconds, before a contact starts that the Ground Station Dataflow Endpoint Group will be in a PREPASS state. A Ground Station Dataflow Endpoint Group State Change event will be emitted when the Dataflow Endpoint Group enters and exits the PREPASS state. - */ - readonly contactPrePassDurationSeconds?: number; - /** - * List of Endpoint Details, containing address and port for each endpoint. - */ - readonly endpointDetails?: outputs.groundstation.DataflowEndpointGroupEndpointDetails[]; /** * UUID of a dataflow endpoint group. */ diff --git a/sdk/nodejs/transfer/getWebApp.ts b/sdk/nodejs/transfer/getWebApp.ts new file mode 100644 index 0000000000..749914c9fd --- /dev/null +++ b/sdk/nodejs/transfer/getWebApp.ts @@ -0,0 +1,74 @@ +// *** WARNING: this file was generated by pulumi-language-nodejs. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as inputs from "../types/input"; +import * as outputs from "../types/output"; +import * as enums from "../types/enums"; +import * as utilities from "../utilities"; + +/** + * Resource Type definition for AWS::Transfer::WebApp + */ +export function getWebApp(args: GetWebAppArgs, opts?: pulumi.InvokeOptions): Promise { + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); + return pulumi.runtime.invoke("aws-native:transfer:getWebApp", { + "arn": args.arn, + }, opts); +} + +export interface GetWebAppArgs { + /** + * Specifies the unique Amazon Resource Name (ARN) for the web app. + */ + arn: string; +} + +export interface GetWebAppResult { + /** + * The AccessEndpoint is the URL that you provide to your users for them to interact with the Transfer Family web app. You can specify a custom URL or use the default value. + */ + readonly accessEndpoint?: string; + /** + * Specifies the unique Amazon Resource Name (ARN) for the web app. + */ + readonly arn?: string; + /** + * You can provide a structure that contains the details for the identity provider to use with your web app. + * + * For more details about this parameter, see [Configure your identity provider for Transfer Family web apps](https://docs.aws.amazon.com//transfer/latest/userguide/webapp-identity-center.html) . + */ + readonly identityProviderDetails?: outputs.transfer.WebAppIdentityProviderDetails; + /** + * Key-value pairs that can be used to group and search for web apps. + */ + readonly tags?: outputs.Tag[]; + /** + * A structure that contains the customization fields for the web app. You can provide a title, logo, and icon to customize the appearance of your web app. + */ + readonly webAppCustomization?: outputs.transfer.WebAppCustomization; + /** + * A unique identifier for the web app. + */ + readonly webAppId?: string; + /** + * A union that contains the value for number of concurrent connections or the user sessions on your web app. + */ + readonly webAppUnits?: outputs.transfer.WebAppUnitsProperties; +} +/** + * Resource Type definition for AWS::Transfer::WebApp + */ +export function getWebAppOutput(args: GetWebAppOutputArgs, opts?: pulumi.InvokeOutputOptions): pulumi.Output { + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts || {}); + return pulumi.runtime.invokeOutput("aws-native:transfer:getWebApp", { + "arn": args.arn, + }, opts); +} + +export interface GetWebAppOutputArgs { + /** + * Specifies the unique Amazon Resource Name (ARN) for the web app. + */ + arn: pulumi.Input; +} diff --git a/sdk/nodejs/transfer/index.ts b/sdk/nodejs/transfer/index.ts index f52a021a76..f599e4fe6f 100644 --- a/sdk/nodejs/transfer/index.ts +++ b/sdk/nodejs/transfer/index.ts @@ -50,6 +50,11 @@ export const getUser: typeof import("./getUser").getUser = null as any; export const getUserOutput: typeof import("./getUser").getUserOutput = null as any; utilities.lazyLoad(exports, ["getUser","getUserOutput"], () => require("./getUser")); +export { GetWebAppArgs, GetWebAppResult, GetWebAppOutputArgs } from "./getWebApp"; +export const getWebApp: typeof import("./getWebApp").getWebApp = null as any; +export const getWebAppOutput: typeof import("./getWebApp").getWebAppOutput = null as any; +utilities.lazyLoad(exports, ["getWebApp","getWebAppOutput"], () => require("./getWebApp")); + export { GetWorkflowArgs, GetWorkflowResult, GetWorkflowOutputArgs } from "./getWorkflow"; export const getWorkflow: typeof import("./getWorkflow").getWorkflow = null as any; export const getWorkflowOutput: typeof import("./getWorkflow").getWorkflowOutput = null as any; @@ -70,6 +75,11 @@ export type User = import("./user").User; export const User: typeof import("./user").User = null as any; utilities.lazyLoad(exports, ["User"], () => require("./user")); +export { WebAppArgs } from "./webApp"; +export type WebApp = import("./webApp").WebApp; +export const WebApp: typeof import("./webApp").WebApp = null as any; +utilities.lazyLoad(exports, ["WebApp"], () => require("./webApp")); + export { WorkflowArgs } from "./workflow"; export type Workflow = import("./workflow").Workflow; export const Workflow: typeof import("./workflow").Workflow = null as any; @@ -95,6 +105,8 @@ const _module = { return new Server(name, undefined, { urn }) case "aws-native:transfer:User": return new User(name, undefined, { urn }) + case "aws-native:transfer:WebApp": + return new WebApp(name, undefined, { urn }) case "aws-native:transfer:Workflow": return new Workflow(name, undefined, { urn }) default: diff --git a/sdk/nodejs/transfer/webApp.ts b/sdk/nodejs/transfer/webApp.ts new file mode 100644 index 0000000000..fa33302e0d --- /dev/null +++ b/sdk/nodejs/transfer/webApp.ts @@ -0,0 +1,134 @@ +// *** WARNING: this file was generated by pulumi-language-nodejs. *** +// *** Do not edit by hand unless you're certain you know what you are doing! *** + +import * as pulumi from "@pulumi/pulumi"; +import * as inputs from "../types/input"; +import * as outputs from "../types/output"; +import * as enums from "../types/enums"; +import * as utilities from "../utilities"; + +/** + * Resource Type definition for AWS::Transfer::WebApp + */ +export class WebApp extends pulumi.CustomResource { + /** + * Get an existing WebApp resource's state with the given name, ID, and optional extra + * properties used to qualify the lookup. + * + * @param name The _unique_ name of the resulting resource. + * @param id The _unique_ provider ID of the resource to lookup. + * @param opts Optional settings to control the behavior of the CustomResource. + */ + public static get(name: string, id: pulumi.Input, opts?: pulumi.CustomResourceOptions): WebApp { + return new WebApp(name, undefined as any, { ...opts, id: id }); + } + + /** @internal */ + public static readonly __pulumiType = 'aws-native:transfer:WebApp'; + + /** + * Returns true if the given object is an instance of WebApp. This is designed to work even + * when multiple copies of the Pulumi SDK have been loaded into the same process. + */ + public static isInstance(obj: any): obj is WebApp { + if (obj === undefined || obj === null) { + return false; + } + return obj['__pulumiType'] === WebApp.__pulumiType; + } + + /** + * The AccessEndpoint is the URL that you provide to your users for them to interact with the Transfer Family web app. You can specify a custom URL or use the default value. + */ + public readonly accessEndpoint!: pulumi.Output; + /** + * Specifies the unique Amazon Resource Name (ARN) for the web app. + */ + public /*out*/ readonly arn!: pulumi.Output; + /** + * You can provide a structure that contains the details for the identity provider to use with your web app. + * + * For more details about this parameter, see [Configure your identity provider for Transfer Family web apps](https://docs.aws.amazon.com//transfer/latest/userguide/webapp-identity-center.html) . + */ + public readonly identityProviderDetails!: pulumi.Output; + /** + * Key-value pairs that can be used to group and search for web apps. + */ + public readonly tags!: pulumi.Output; + /** + * A structure that contains the customization fields for the web app. You can provide a title, logo, and icon to customize the appearance of your web app. + */ + public readonly webAppCustomization!: pulumi.Output; + /** + * A unique identifier for the web app. + */ + public /*out*/ readonly webAppId!: pulumi.Output; + /** + * A union that contains the value for number of concurrent connections or the user sessions on your web app. + */ + public readonly webAppUnits!: pulumi.Output; + + /** + * Create a WebApp resource with the given unique name, arguments, and options. + * + * @param name The _unique_ name of the resource. + * @param args The arguments to use to populate this resource's properties. + * @param opts A bag of options that control this resource's behavior. + */ + constructor(name: string, args: WebAppArgs, opts?: pulumi.CustomResourceOptions) { + let resourceInputs: pulumi.Inputs = {}; + opts = opts || {}; + if (!opts.id) { + if ((!args || args.identityProviderDetails === undefined) && !opts.urn) { + throw new Error("Missing required property 'identityProviderDetails'"); + } + resourceInputs["accessEndpoint"] = args ? args.accessEndpoint : undefined; + resourceInputs["identityProviderDetails"] = args ? args.identityProviderDetails : undefined; + resourceInputs["tags"] = args ? args.tags : undefined; + resourceInputs["webAppCustomization"] = args ? args.webAppCustomization : undefined; + resourceInputs["webAppUnits"] = args ? args.webAppUnits : undefined; + resourceInputs["arn"] = undefined /*out*/; + resourceInputs["webAppId"] = undefined /*out*/; + } else { + resourceInputs["accessEndpoint"] = undefined /*out*/; + resourceInputs["arn"] = undefined /*out*/; + resourceInputs["identityProviderDetails"] = undefined /*out*/; + resourceInputs["tags"] = undefined /*out*/; + resourceInputs["webAppCustomization"] = undefined /*out*/; + resourceInputs["webAppId"] = undefined /*out*/; + resourceInputs["webAppUnits"] = undefined /*out*/; + } + opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts); + const replaceOnChanges = { replaceOnChanges: ["identityProviderDetails.instanceArn"] }; + opts = pulumi.mergeOptions(opts, replaceOnChanges); + super(WebApp.__pulumiType, name, resourceInputs, opts); + } +} + +/** + * The set of arguments for constructing a WebApp resource. + */ +export interface WebAppArgs { + /** + * The AccessEndpoint is the URL that you provide to your users for them to interact with the Transfer Family web app. You can specify a custom URL or use the default value. + */ + accessEndpoint?: pulumi.Input; + /** + * You can provide a structure that contains the details for the identity provider to use with your web app. + * + * For more details about this parameter, see [Configure your identity provider for Transfer Family web apps](https://docs.aws.amazon.com//transfer/latest/userguide/webapp-identity-center.html) . + */ + identityProviderDetails: pulumi.Input; + /** + * Key-value pairs that can be used to group and search for web apps. + */ + tags?: pulumi.Input[]>; + /** + * A structure that contains the customization fields for the web app. You can provide a title, logo, and icon to customize the appearance of your web app. + */ + webAppCustomization?: pulumi.Input; + /** + * A union that contains the value for number of concurrent connections or the user sessions on your web app. + */ + webAppUnits?: pulumi.Input; +} diff --git a/sdk/nodejs/tsconfig.json b/sdk/nodejs/tsconfig.json index 0d9e9c3a11..a33a51d34e 100644 --- a/sdk/nodejs/tsconfig.json +++ b/sdk/nodejs/tsconfig.json @@ -514,11 +514,13 @@ "connect/approvedOrigin.ts", "connect/contactFlow.ts", "connect/contactFlowModule.ts", + "connect/contactFlowVersion.ts", "connect/emailAddress.ts", "connect/evaluationForm.ts", "connect/getAgentStatus.ts", "connect/getContactFlow.ts", "connect/getContactFlowModule.ts", + "connect/getContactFlowVersion.ts", "connect/getEmailAddress.ts", "connect/getEvaluationForm.ts", "connect/getHoursOfOperation.ts", @@ -2340,11 +2342,13 @@ "transfer/getProfile.ts", "transfer/getServer.ts", "transfer/getUser.ts", + "transfer/getWebApp.ts", "transfer/getWorkflow.ts", "transfer/index.ts", "transfer/profile.ts", "transfer/server.ts", "transfer/user.ts", + "transfer/webApp.ts", "transfer/workflow.ts", "types/enums/amplify/index.ts", "types/enums/amplifyuibuilder/index.ts", diff --git a/sdk/nodejs/types/enums/bedrock/index.ts b/sdk/nodejs/types/enums/bedrock/index.ts index 8011bba022..3de2f54fa1 100644 --- a/sdk/nodejs/types/enums/bedrock/index.ts +++ b/sdk/nodejs/types/enums/bedrock/index.ts @@ -646,6 +646,15 @@ export const KnowledgeBaseType = { */ export type KnowledgeBaseType = (typeof KnowledgeBaseType)[keyof typeof KnowledgeBaseType]; +export const PromptCachePointType = { + Default: "default", +} as const; + +/** + * CachePoint types for CachePointBlock + */ +export type PromptCachePointType = (typeof PromptCachePointType)[keyof typeof PromptCachePointType]; + export const PromptConversationRole = { User: "user", Assistant: "assistant", @@ -666,6 +675,15 @@ export const PromptTemplateType = { */ export type PromptTemplateType = (typeof PromptTemplateType)[keyof typeof PromptTemplateType]; +export const PromptVersionCachePointType = { + Default: "default", +} as const; + +/** + * CachePoint types for CachePointBlock + */ +export type PromptVersionCachePointType = (typeof PromptVersionCachePointType)[keyof typeof PromptVersionCachePointType]; + export const PromptVersionConversationRole = { User: "user", Assistant: "assistant", diff --git a/sdk/nodejs/types/enums/datasync/index.ts b/sdk/nodejs/types/enums/datasync/index.ts index 16532fae7b..a8a957036a 100644 --- a/sdk/nodejs/types/enums/datasync/index.ts +++ b/sdk/nodejs/types/enums/datasync/index.ts @@ -158,6 +158,16 @@ export const LocationS3S3StorageClass = { */ export type LocationS3S3StorageClass = (typeof LocationS3S3StorageClass)[keyof typeof LocationS3S3StorageClass]; +export const LocationSmbAuthenticationType = { + Ntlm: "NTLM", + Kerberos: "KERBEROS", +} as const; + +/** + * The authentication mode used to determine identity of user. + */ +export type LocationSmbAuthenticationType = (typeof LocationSmbAuthenticationType)[keyof typeof LocationSmbAuthenticationType]; + export const LocationSmbMountOptionsVersion = { Automatic: "AUTOMATIC", Smb1: "SMB1", diff --git a/sdk/nodejs/types/input.ts b/sdk/nodejs/types/input.ts index 8f0ee6eaf9..4d226be17d 100644 --- a/sdk/nodejs/types/input.ts +++ b/sdk/nodejs/types/input.ts @@ -11961,6 +11961,12 @@ export namespace bedrock { supplementalDataStorageConfiguration?: pulumi.Input; } + /** + * Contains model-specific configurations + */ + export interface PromptAdditionalModelRequestFieldsArgs { + } + /** * Target Agent to invoke with Prompt */ @@ -11983,6 +11989,13 @@ export namespace bedrock { export interface PromptAutoToolChoiceArgs { } + /** + * CachePointBlock + */ + export interface PromptCachePointBlockArgs { + type: pulumi.Input; + } + /** * Configuration for chat prompt template */ @@ -11998,20 +12011,27 @@ export namespace bedrock { /** * Configuration for chat prompt template */ - system?: pulumi.Input[]>; + system?: pulumi.Input[]>; toolConfiguration?: pulumi.Input; } /** * Configuration for chat prompt template */ - export interface PromptContentBlockPropertiesArgs { + export interface PromptContentBlock0PropertiesArgs { /** * Configuration for chat prompt template */ text: pulumi.Input; } + /** + * Configuration for chat prompt template + */ + export interface PromptContentBlock1PropertiesArgs { + cachePoint: pulumi.Input; + } + /** * Target resource to invoke with Prompt */ @@ -12043,7 +12063,7 @@ export namespace bedrock { /** * List of Content Blocks */ - content: pulumi.Input[]>; + content: pulumi.Input[]>; role: pulumi.Input; } @@ -12082,13 +12102,20 @@ export namespace bedrock { /** * Configuration for chat prompt template */ - export interface PromptSystemContentBlockPropertiesArgs { + export interface PromptSystemContentBlock0PropertiesArgs { /** * Configuration for chat prompt template */ text: pulumi.Input; } + /** + * Configuration for chat prompt template + */ + export interface PromptSystemContentBlock1PropertiesArgs { + cachePoint: pulumi.Input; + } + /** * Prompt template configuration */ @@ -12107,6 +12134,7 @@ export namespace bedrock { * Configuration for text prompt template */ export interface PromptTextPromptTemplateConfigurationArgs { + cachePoint?: pulumi.Input; /** * List of input variables */ @@ -12136,6 +12164,20 @@ export namespace bedrock { version?: pulumi.Input; } + /** + * Tool details + */ + export interface PromptTool0PropertiesArgs { + toolSpec: pulumi.Input; + } + + /** + * Tool details + */ + export interface PromptTool1PropertiesArgs { + cachePoint: pulumi.Input; + } + /** * Tool choice */ @@ -12165,7 +12207,7 @@ export namespace bedrock { /** * List of Tools */ - tools: pulumi.Input[]>; + tools: pulumi.Input[]>; } /** @@ -12175,13 +12217,6 @@ export namespace bedrock { json: any; } - /** - * Tool details - */ - export interface PromptToolPropertiesArgs { - toolSpec: pulumi.Input; - } - /** * Tool specification */ @@ -12198,6 +12233,10 @@ export namespace bedrock { * Prompt variant */ export interface PromptVariantArgs { + /** + * Contains model-specific inference configurations that aren't in the `inferenceConfiguration` field. To see model-specific inference parameters, see [Inference request parameters and response fields for foundation models](https://docs.aws.amazon.com/bedrock/latest/userguide/model-parameters.html) . + */ + additionalModelRequestFields?: pulumi.Input; /** * Specifies a generative AI resource with which to use the prompt. */ @@ -27178,7 +27217,9 @@ export namespace ecs { } /** - * The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights for a cluster. + * The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights with enhanced observability or CloudWatch Container Insights for a cluster. + * Container Insights with enhanced observability provides all the Container Insights metrics, plus additional task and container metrics. This version supports enhanced observability for Amazon ECS clusters using the Amazon EC2 and Fargate launch types. After you configure Container Insights with enhanced observability on Amazon ECS, Container Insights auto-collects detailed infrastructure telemetry from the cluster level down to the container level in your environment and displays these critical performance data in curated dashboards removing the heavy lifting in observability set-up. + * For more information, see [Monitor Amazon ECS containers using Container Insights with enhanced observability](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cloudwatch-container-insights.html) in the *Amazon Elastic Container Service Developer Guide*. */ export interface ClusterSettingsArgs { /** @@ -27186,8 +27227,10 @@ export namespace ecs { */ name?: pulumi.Input; /** - * The value to set for the cluster setting. The supported values are ``enabled`` and ``disabled``. - * If you set ``name`` to ``containerInsights`` and ``value`` to ``enabled``, CloudWatch Container Insights will be on for the cluster, otherwise it will be off unless the ``containerInsights`` account setting is turned on. If a cluster value is specified, it will override the ``containerInsights`` value set with [PutAccountSetting](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSetting.html) or [PutAccountSettingDefault](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSettingDefault.html). + * The value to set for the cluster setting. The supported values are ``enhanced``, ``enabled``, and ``disabled``. + * To use Container Insights with enhanced observability, set the ``containerInsights`` account setting to ``enhanced``. + * To use Container Insights, set the ``containerInsights`` account setting to ``enabled``. + * If a cluster value is specified, it will override the ``containerInsights`` value set with [PutAccountSetting](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSetting.html) or [PutAccountSettingDefault](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSettingDefault.html). */ value?: pulumi.Input; } @@ -32456,7 +32499,7 @@ export namespace fms { */ policyOption?: pulumi.Input; /** - * The service that the policy is using to protect the resources. This specifies the type of policy that is created, either an AWS WAF policy, a Shield Advanced policy, or a security group policy. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting AWS Support . + * The service that the policy is using to protect the resources. This specifies the type of policy that is created, either an AWS WAF policy, a Shield Advanced policy, or a security group policy. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting SUPlong . */ type: pulumi.Input; } @@ -33831,6 +33874,28 @@ export namespace glue { path?: pulumi.Input; } + /** + * Specifies Apache Hudi data store targets. + */ + export interface CrawlerHudiTargetArgs { + /** + * The name of the connection to use to connect to the Hudi target. + */ + connectionName?: pulumi.Input; + /** + * A list of global patterns used to exclude from the crawl. + */ + exclusions?: pulumi.Input[]>; + /** + * The maximum depth of Amazon S3 paths that the crawler can traverse to discover the Hudi metadata folder in your Amazon S3 path. Used to limit the crawler run time. + */ + maximumTraversalDepth?: pulumi.Input; + /** + * One or more Amazon S3 paths that contains Hudi metadata folders as s3://bucket/prefix . + */ + paths?: pulumi.Input[]>; + } + /** * Specifies Apache Iceberg data store targets. */ @@ -33985,6 +34050,10 @@ export namespace glue { * Specifies Amazon DynamoDB targets. */ dynamoDbTargets?: pulumi.Input[]>; + /** + * Specifies Apache Hudi data store targets. + */ + hudiTargets?: pulumi.Input[]>; /** * Specifies Apache Iceberg data store targets. */ @@ -35101,6 +35170,7 @@ export namespace groundstation { * KMS Alias Arn. */ kmsAliasArn?: pulumi.Input; + kmsAliasName?: pulumi.Input; /** * KMS Key Arn. */ @@ -88227,7 +88297,7 @@ export namespace s3objectlambda { */ export interface AccessPointTransformationConfigurationArgs { /** - * A container for the action of an Object Lambda Access Point configuration. Valid inputs are `GetObject` , `HeadObject` , `ListObjects` , and `ListObjectsV2` . + * A container for the action of an Object Lambda Access Point configuration. Valid inputs are `GetObject` , `HeadObject` , `ListObject` , and `ListObjectV2` . */ actions: pulumi.Input[]>; /** @@ -97156,6 +97226,46 @@ export namespace transfer { uid: pulumi.Input; } + export interface WebAppCustomizationArgs { + /** + * Specifies a favicon to display in the browser tab. + */ + faviconFile?: pulumi.Input; + /** + * Specifies a logo to display on the web app. + */ + logoFile?: pulumi.Input; + /** + * Specifies a title to display on the web app. + */ + title?: pulumi.Input; + } + + /** + * You can provide a structure that contains the details for the identity provider to use with your web app. + */ + export interface WebAppIdentityProviderDetailsArgs { + /** + * The Amazon Resource Name (ARN) for the IAM Identity Center application: this value is set automatically when you create your web app. + */ + applicationArn?: pulumi.Input; + /** + * The Amazon Resource Name (ARN) for the IAM Identity Center used for the web app. + */ + instanceArn?: pulumi.Input; + /** + * The IAM role in IAM Identity Center used for the web app. + */ + role?: pulumi.Input; + } + + /** + * A union that contains the value for number of concurrent connections or the user sessions on your web app. + */ + export interface WebAppUnitsPropertiesArgs { + provisioned: pulumi.Input; + } + /** * Specifies the details for an EFS file. */ diff --git a/sdk/nodejs/types/output.ts b/sdk/nodejs/types/output.ts index be11d33b74..eea8d7f13c 100644 --- a/sdk/nodejs/types/output.ts +++ b/sdk/nodejs/types/output.ts @@ -12405,6 +12405,12 @@ export namespace bedrock { supplementalDataStorageConfiguration?: outputs.bedrock.KnowledgeBaseSupplementalDataStorageConfiguration; } + /** + * Contains model-specific configurations + */ + export interface PromptAdditionalModelRequestFields { + } + /** * Target Agent to invoke with Prompt */ @@ -12427,6 +12433,13 @@ export namespace bedrock { export interface PromptAutoToolChoice { } + /** + * CachePointBlock + */ + export interface PromptCachePointBlock { + type: enums.bedrock.PromptCachePointType; + } + /** * Configuration for chat prompt template */ @@ -12442,20 +12455,27 @@ export namespace bedrock { /** * Configuration for chat prompt template */ - system?: outputs.bedrock.PromptSystemContentBlockProperties[]; + system?: (outputs.bedrock.PromptSystemContentBlock0Properties | outputs.bedrock.PromptSystemContentBlock1Properties)[]; toolConfiguration?: outputs.bedrock.PromptToolConfiguration; } /** * Configuration for chat prompt template */ - export interface PromptContentBlockProperties { + export interface PromptContentBlock0Properties { /** * Configuration for chat prompt template */ text: string; } + /** + * Configuration for chat prompt template + */ + export interface PromptContentBlock1Properties { + cachePoint: outputs.bedrock.PromptCachePointBlock; + } + /** * Target resource to invoke with Prompt */ @@ -12487,7 +12507,7 @@ export namespace bedrock { /** * List of Content Blocks */ - content: outputs.bedrock.PromptContentBlockProperties[]; + content: (outputs.bedrock.PromptContentBlock0Properties | outputs.bedrock.PromptContentBlock1Properties)[]; role: enums.bedrock.PromptConversationRole; } @@ -12526,13 +12546,20 @@ export namespace bedrock { /** * Configuration for chat prompt template */ - export interface PromptSystemContentBlockProperties { + export interface PromptSystemContentBlock0Properties { /** * Configuration for chat prompt template */ text: string; } + /** + * Configuration for chat prompt template + */ + export interface PromptSystemContentBlock1Properties { + cachePoint: outputs.bedrock.PromptCachePointBlock; + } + /** * Prompt template configuration */ @@ -12551,6 +12578,7 @@ export namespace bedrock { * Configuration for text prompt template */ export interface PromptTextPromptTemplateConfiguration { + cachePoint?: outputs.bedrock.PromptCachePointBlock; /** * List of input variables */ @@ -12580,6 +12608,20 @@ export namespace bedrock { version?: string; } + /** + * Tool details + */ + export interface PromptTool0Properties { + toolSpec: outputs.bedrock.PromptToolSpecification; + } + + /** + * Tool details + */ + export interface PromptTool1Properties { + cachePoint: outputs.bedrock.PromptCachePointBlock; + } + /** * Tool choice */ @@ -12609,7 +12651,7 @@ export namespace bedrock { /** * List of Tools */ - tools: outputs.bedrock.PromptToolProperties[]; + tools: (outputs.bedrock.PromptTool0Properties | outputs.bedrock.PromptTool1Properties)[]; } /** @@ -12619,13 +12661,6 @@ export namespace bedrock { json: any; } - /** - * Tool details - */ - export interface PromptToolProperties { - toolSpec: outputs.bedrock.PromptToolSpecification; - } - /** * Tool specification */ @@ -12642,6 +12677,10 @@ export namespace bedrock { * Prompt variant */ export interface PromptVariant { + /** + * Contains model-specific inference configurations that aren't in the `inferenceConfiguration` field. To see model-specific inference parameters, see [Inference request parameters and response fields for foundation models](https://docs.aws.amazon.com/bedrock/latest/userguide/model-parameters.html) . + */ + additionalModelRequestFields?: outputs.bedrock.PromptAdditionalModelRequestFields; /** * Specifies a generative AI resource with which to use the prompt. */ @@ -12668,6 +12707,12 @@ export namespace bedrock { templateType: enums.bedrock.PromptTemplateType; } + /** + * Contains model-specific configurations + */ + export interface PromptVersionAdditionalModelRequestFields { + } + /** * Any Tool choice */ @@ -12680,6 +12725,13 @@ export namespace bedrock { export interface PromptVersionAutoToolChoice { } + /** + * CachePointBlock + */ + export interface PromptVersionCachePointBlock { + type: enums.bedrock.PromptVersionCachePointType; + } + /** * Configuration for chat prompt template */ @@ -12695,20 +12747,27 @@ export namespace bedrock { /** * Configuration for chat prompt template */ - system?: outputs.bedrock.PromptVersionSystemContentBlockProperties[]; + system?: (outputs.bedrock.PromptVersionSystemContentBlock0Properties | outputs.bedrock.PromptVersionSystemContentBlock1Properties)[]; toolConfiguration?: outputs.bedrock.PromptVersionToolConfiguration; } /** * Configuration for chat prompt template */ - export interface PromptVersionContentBlockProperties { + export interface PromptVersionContentBlock0Properties { /** * Configuration for chat prompt template */ text: string; } + /** + * Configuration for chat prompt template + */ + export interface PromptVersionContentBlock1Properties { + cachePoint: outputs.bedrock.PromptVersionCachePointBlock; + } + /** * Chat prompt Message */ @@ -12716,7 +12775,7 @@ export namespace bedrock { /** * List of Content Blocks */ - content: outputs.bedrock.PromptVersionContentBlockProperties[]; + content: (outputs.bedrock.PromptVersionContentBlock0Properties | outputs.bedrock.PromptVersionContentBlock1Properties)[]; role: enums.bedrock.PromptVersionConversationRole; } @@ -12794,6 +12853,10 @@ export namespace bedrock { * Prompt variant */ export interface PromptVersionPromptVariant { + /** + * Contains model-specific inference configurations that aren't in the `inferenceConfiguration` field. To see model-specific inference parameters, see [Inference request parameters and response fields for foundation models](https://docs.aws.amazon.com/bedrock/latest/userguide/model-parameters.html) . + */ + additionalModelRequestFields?: outputs.bedrock.PromptVersionAdditionalModelRequestFields; /** * Specifies a generative AI resource with which to use the prompt. */ @@ -12833,17 +12896,25 @@ export namespace bedrock { /** * Configuration for chat prompt template */ - export interface PromptVersionSystemContentBlockProperties { + export interface PromptVersionSystemContentBlock0Properties { /** * Configuration for chat prompt template */ text: string; } + /** + * Configuration for chat prompt template + */ + export interface PromptVersionSystemContentBlock1Properties { + cachePoint: outputs.bedrock.PromptVersionCachePointBlock; + } + /** * Configuration for text prompt template */ export interface PromptVersionTextPromptTemplateConfiguration { + cachePoint?: outputs.bedrock.PromptVersionCachePointBlock; /** * List of input variables */ @@ -12854,6 +12925,20 @@ export namespace bedrock { text: string; } + /** + * Tool details + */ + export interface PromptVersionTool0Properties { + toolSpec: outputs.bedrock.PromptVersionToolSpecification; + } + + /** + * Tool details + */ + export interface PromptVersionTool1Properties { + cachePoint: outputs.bedrock.PromptVersionCachePointBlock; + } + /** * Tool choice */ @@ -12883,7 +12968,7 @@ export namespace bedrock { /** * List of Tools */ - tools: outputs.bedrock.PromptVersionToolProperties[]; + tools: (outputs.bedrock.PromptVersionTool0Properties | outputs.bedrock.PromptVersionTool1Properties)[]; } /** @@ -12893,13 +12978,6 @@ export namespace bedrock { json: any; } - /** - * Tool details - */ - export interface PromptVersionToolProperties { - toolSpec: outputs.bedrock.PromptVersionToolSpecification; - } - /** * Tool specification */ @@ -28692,7 +28770,9 @@ export namespace ecs { } /** - * The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights for a cluster. + * The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights with enhanced observability or CloudWatch Container Insights for a cluster. + * Container Insights with enhanced observability provides all the Container Insights metrics, plus additional task and container metrics. This version supports enhanced observability for Amazon ECS clusters using the Amazon EC2 and Fargate launch types. After you configure Container Insights with enhanced observability on Amazon ECS, Container Insights auto-collects detailed infrastructure telemetry from the cluster level down to the container level in your environment and displays these critical performance data in curated dashboards removing the heavy lifting in observability set-up. + * For more information, see [Monitor Amazon ECS containers using Container Insights with enhanced observability](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cloudwatch-container-insights.html) in the *Amazon Elastic Container Service Developer Guide*. */ export interface ClusterSettings { /** @@ -28700,8 +28780,10 @@ export namespace ecs { */ name?: string; /** - * The value to set for the cluster setting. The supported values are ``enabled`` and ``disabled``. - * If you set ``name`` to ``containerInsights`` and ``value`` to ``enabled``, CloudWatch Container Insights will be on for the cluster, otherwise it will be off unless the ``containerInsights`` account setting is turned on. If a cluster value is specified, it will override the ``containerInsights`` value set with [PutAccountSetting](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSetting.html) or [PutAccountSettingDefault](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSettingDefault.html). + * The value to set for the cluster setting. The supported values are ``enhanced``, ``enabled``, and ``disabled``. + * To use Container Insights with enhanced observability, set the ``containerInsights`` account setting to ``enhanced``. + * To use Container Insights, set the ``containerInsights`` account setting to ``enabled``. + * If a cluster value is specified, it will override the ``containerInsights`` value set with [PutAccountSetting](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSetting.html) or [PutAccountSettingDefault](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSettingDefault.html). */ value?: string; } @@ -33994,7 +34076,7 @@ export namespace fms { */ policyOption?: outputs.fms.PolicyOption; /** - * The service that the policy is using to protect the resources. This specifies the type of policy that is created, either an AWS WAF policy, a Shield Advanced policy, or a security group policy. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting AWS Support . + * The service that the policy is using to protect the resources. This specifies the type of policy that is created, either an AWS WAF policy, a Shield Advanced policy, or a security group policy. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting SUPlong . */ type: enums.fms.PolicyType; } @@ -35380,6 +35462,28 @@ export namespace glue { path?: string; } + /** + * Specifies Apache Hudi data store targets. + */ + export interface CrawlerHudiTarget { + /** + * The name of the connection to use to connect to the Hudi target. + */ + connectionName?: string; + /** + * A list of global patterns used to exclude from the crawl. + */ + exclusions?: string[]; + /** + * The maximum depth of Amazon S3 paths that the crawler can traverse to discover the Hudi metadata folder in your Amazon S3 path. Used to limit the crawler run time. + */ + maximumTraversalDepth?: number; + /** + * One or more Amazon S3 paths that contains Hudi metadata folders as s3://bucket/prefix . + */ + paths?: string[]; + } + /** * Specifies Apache Iceberg data store targets. */ @@ -35534,6 +35638,10 @@ export namespace glue { * Specifies Amazon DynamoDB targets. */ dynamoDbTargets?: outputs.glue.CrawlerDynamoDbTarget[]; + /** + * Specifies Apache Hudi data store targets. + */ + hudiTargets?: outputs.glue.CrawlerHudiTarget[]; /** * Specifies Apache Iceberg data store targets. */ @@ -36652,6 +36760,7 @@ export namespace groundstation { * KMS Alias Arn. */ kmsAliasArn?: string; + kmsAliasName?: string; /** * KMS Key Arn. */ @@ -90852,7 +90961,7 @@ export namespace s3objectlambda { */ export interface AccessPointTransformationConfiguration { /** - * A container for the action of an Object Lambda Access Point configuration. Valid inputs are `GetObject` , `HeadObject` , `ListObjects` , and `ListObjectsV2` . + * A container for the action of an Object Lambda Access Point configuration. Valid inputs are `GetObject` , `HeadObject` , `ListObject` , and `ListObjectV2` . */ actions: string[]; /** @@ -99844,6 +99953,46 @@ export namespace transfer { uid: number; } + export interface WebAppCustomization { + /** + * Specifies a favicon to display in the browser tab. + */ + faviconFile?: string; + /** + * Specifies a logo to display on the web app. + */ + logoFile?: string; + /** + * Specifies a title to display on the web app. + */ + title?: string; + } + + /** + * You can provide a structure that contains the details for the identity provider to use with your web app. + */ + export interface WebAppIdentityProviderDetails { + /** + * The Amazon Resource Name (ARN) for the IAM Identity Center application: this value is set automatically when you create your web app. + */ + applicationArn?: string; + /** + * The Amazon Resource Name (ARN) for the IAM Identity Center used for the web app. + */ + instanceArn?: string; + /** + * The IAM role in IAM Identity Center used for the web app. + */ + role?: string; + } + + /** + * A union that contains the value for number of concurrent connections or the user sessions on your web app. + */ + export interface WebAppUnitsProperties { + provisioned: number; + } + /** * Specifies the details for an EFS file. */ diff --git a/sdk/python/pulumi_aws_native/__init__.py b/sdk/python/pulumi_aws_native/__init__.py index 441eccfbed..d68632c1f9 100644 --- a/sdk/python/pulumi_aws_native/__init__.py +++ b/sdk/python/pulumi_aws_native/__init__.py @@ -1272,6 +1272,7 @@ "aws-native:connect:ApprovedOrigin": "ApprovedOrigin", "aws-native:connect:ContactFlow": "ContactFlow", "aws-native:connect:ContactFlowModule": "ContactFlowModule", + "aws-native:connect:ContactFlowVersion": "ContactFlowVersion", "aws-native:connect:EmailAddress": "EmailAddress", "aws-native:connect:EvaluationForm": "EvaluationForm", "aws-native:connect:HoursOfOperation": "HoursOfOperation", @@ -3257,6 +3258,7 @@ "aws-native:transfer:Profile": "Profile", "aws-native:transfer:Server": "Server", "aws-native:transfer:User": "User", + "aws-native:transfer:WebApp": "WebApp", "aws-native:transfer:Workflow": "Workflow" } }, diff --git a/sdk/python/pulumi_aws_native/bedrock/_enums.py b/sdk/python/pulumi_aws_native/bedrock/_enums.py index a878d90f38..a623229587 100644 --- a/sdk/python/pulumi_aws_native/bedrock/_enums.py +++ b/sdk/python/pulumi_aws_native/bedrock/_enums.py @@ -61,8 +61,10 @@ 'KnowledgeBaseStorageType', 'KnowledgeBaseSupplementalDataStorageLocationType', 'KnowledgeBaseType', + 'PromptCachePointType', 'PromptConversationRole', 'PromptTemplateType', + 'PromptVersionCachePointType', 'PromptVersionConversationRole', 'PromptVersionPromptTemplateType', ] @@ -600,6 +602,13 @@ class KnowledgeBaseType(str, Enum): SQL = "SQL" +class PromptCachePointType(str, Enum): + """ + CachePoint types for CachePointBlock + """ + DEFAULT = "default" + + class PromptConversationRole(str, Enum): """ Conversation roles for the chat prompt @@ -616,6 +625,13 @@ class PromptTemplateType(str, Enum): CHAT = "CHAT" +class PromptVersionCachePointType(str, Enum): + """ + CachePoint types for CachePointBlock + """ + DEFAULT = "default" + + class PromptVersionConversationRole(str, Enum): """ Conversation roles for the chat prompt diff --git a/sdk/python/pulumi_aws_native/bedrock/_inputs.py b/sdk/python/pulumi_aws_native/bedrock/_inputs.py index 610322e2f1..5d20732a66 100644 --- a/sdk/python/pulumi_aws_native/bedrock/_inputs.py +++ b/sdk/python/pulumi_aws_native/bedrock/_inputs.py @@ -310,16 +310,22 @@ 'KnowledgeBaseSupplementalDataStorageLocationArgsDict', 'KnowledgeBaseVectorKnowledgeBaseConfigurationArgs', 'KnowledgeBaseVectorKnowledgeBaseConfigurationArgsDict', + 'PromptAdditionalModelRequestFieldsArgs', + 'PromptAdditionalModelRequestFieldsArgsDict', 'PromptAgentResourceArgs', 'PromptAgentResourceArgsDict', 'PromptAnyToolChoiceArgs', 'PromptAnyToolChoiceArgsDict', 'PromptAutoToolChoiceArgs', 'PromptAutoToolChoiceArgsDict', + 'PromptCachePointBlockArgs', + 'PromptCachePointBlockArgsDict', 'PromptChatPromptTemplateConfigurationArgs', 'PromptChatPromptTemplateConfigurationArgsDict', - 'PromptContentBlockPropertiesArgs', - 'PromptContentBlockPropertiesArgsDict', + 'PromptContentBlock0PropertiesArgs', + 'PromptContentBlock0PropertiesArgsDict', + 'PromptContentBlock1PropertiesArgs', + 'PromptContentBlock1PropertiesArgsDict', 'PromptGenAiResourcePropertiesArgs', 'PromptGenAiResourcePropertiesArgsDict', 'PromptInferenceConfigurationPropertiesArgs', @@ -332,8 +338,10 @@ 'PromptModelInferenceConfigurationArgsDict', 'PromptSpecificToolChoiceArgs', 'PromptSpecificToolChoiceArgsDict', - 'PromptSystemContentBlockPropertiesArgs', - 'PromptSystemContentBlockPropertiesArgsDict', + 'PromptSystemContentBlock0PropertiesArgs', + 'PromptSystemContentBlock0PropertiesArgsDict', + 'PromptSystemContentBlock1PropertiesArgs', + 'PromptSystemContentBlock1PropertiesArgsDict', 'PromptTemplateConfiguration0PropertiesArgs', 'PromptTemplateConfiguration0PropertiesArgsDict', 'PromptTemplateConfiguration1PropertiesArgs', @@ -342,6 +350,10 @@ 'PromptTextPromptTemplateConfigurationArgsDict', 'PromptTextS3LocationArgs', 'PromptTextS3LocationArgsDict', + 'PromptTool0PropertiesArgs', + 'PromptTool0PropertiesArgsDict', + 'PromptTool1PropertiesArgs', + 'PromptTool1PropertiesArgsDict', 'PromptToolChoice0PropertiesArgs', 'PromptToolChoice0PropertiesArgsDict', 'PromptToolChoice1PropertiesArgs', @@ -352,8 +364,6 @@ 'PromptToolConfigurationArgsDict', 'PromptToolInputSchemaPropertiesArgs', 'PromptToolInputSchemaPropertiesArgsDict', - 'PromptToolPropertiesArgs', - 'PromptToolPropertiesArgsDict', 'PromptToolSpecificationArgs', 'PromptToolSpecificationArgsDict', 'PromptVariantArgs', @@ -8721,6 +8731,24 @@ def supplemental_data_storage_configuration(self, value: Optional[pulumi.Input[' pulumi.set(self, "supplemental_data_storage_configuration", value) +if not MYPY: + class PromptAdditionalModelRequestFieldsArgsDict(TypedDict): + """ + Contains model-specific configurations + """ + pass +elif False: + PromptAdditionalModelRequestFieldsArgsDict: TypeAlias = Mapping[str, Any] + +@pulumi.input_type +class PromptAdditionalModelRequestFieldsArgs: + def __init__(__self__): + """ + Contains model-specific configurations + """ + pass + + if not MYPY: class PromptAgentResourceArgsDict(TypedDict): """ @@ -8792,6 +8820,34 @@ def __init__(__self__): pass +if not MYPY: + class PromptCachePointBlockArgsDict(TypedDict): + """ + CachePointBlock + """ + type: pulumi.Input['PromptCachePointType'] +elif False: + PromptCachePointBlockArgsDict: TypeAlias = Mapping[str, Any] + +@pulumi.input_type +class PromptCachePointBlockArgs: + def __init__(__self__, *, + type: pulumi.Input['PromptCachePointType']): + """ + CachePointBlock + """ + pulumi.set(__self__, "type", type) + + @property + @pulumi.getter + def type(self) -> pulumi.Input['PromptCachePointType']: + return pulumi.get(self, "type") + + @type.setter + def type(self, value: pulumi.Input['PromptCachePointType']): + pulumi.set(self, "type", value) + + if not MYPY: class PromptChatPromptTemplateConfigurationArgsDict(TypedDict): """ @@ -8805,7 +8861,7 @@ class PromptChatPromptTemplateConfigurationArgsDict(TypedDict): """ List of input variables """ - system: NotRequired[pulumi.Input[Sequence[pulumi.Input['PromptSystemContentBlockPropertiesArgsDict']]]] + system: NotRequired[pulumi.Input[Sequence[pulumi.Input[Union['PromptSystemContentBlock0PropertiesArgsDict', 'PromptSystemContentBlock1PropertiesArgsDict']]]]] """ Configuration for chat prompt template """ @@ -8818,13 +8874,13 @@ class PromptChatPromptTemplateConfigurationArgs: def __init__(__self__, *, messages: pulumi.Input[Sequence[pulumi.Input['PromptMessageArgs']]], input_variables: Optional[pulumi.Input[Sequence[pulumi.Input['PromptInputVariableArgs']]]] = None, - system: Optional[pulumi.Input[Sequence[pulumi.Input['PromptSystemContentBlockPropertiesArgs']]]] = None, + system: Optional[pulumi.Input[Sequence[pulumi.Input[Union['PromptSystemContentBlock0PropertiesArgs', 'PromptSystemContentBlock1PropertiesArgs']]]]] = None, tool_configuration: Optional[pulumi.Input['PromptToolConfigurationArgs']] = None): """ Configuration for chat prompt template :param pulumi.Input[Sequence[pulumi.Input['PromptMessageArgs']]] messages: List of messages for chat prompt template :param pulumi.Input[Sequence[pulumi.Input['PromptInputVariableArgs']]] input_variables: List of input variables - :param pulumi.Input[Sequence[pulumi.Input['PromptSystemContentBlockPropertiesArgs']]] system: Configuration for chat prompt template + :param pulumi.Input[Sequence[pulumi.Input[Union['PromptSystemContentBlock0PropertiesArgs', 'PromptSystemContentBlock1PropertiesArgs']]]] system: Configuration for chat prompt template """ pulumi.set(__self__, "messages", messages) if input_variables is not None: @@ -8860,14 +8916,14 @@ def input_variables(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['Pr @property @pulumi.getter - def system(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['PromptSystemContentBlockPropertiesArgs']]]]: + def system(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[Union['PromptSystemContentBlock0PropertiesArgs', 'PromptSystemContentBlock1PropertiesArgs']]]]]: """ Configuration for chat prompt template """ return pulumi.get(self, "system") @system.setter - def system(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['PromptSystemContentBlockPropertiesArgs']]]]): + def system(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[Union['PromptSystemContentBlock0PropertiesArgs', 'PromptSystemContentBlock1PropertiesArgs']]]]]): pulumi.set(self, "system", value) @property @@ -8881,7 +8937,7 @@ def tool_configuration(self, value: Optional[pulumi.Input['PromptToolConfigurati if not MYPY: - class PromptContentBlockPropertiesArgsDict(TypedDict): + class PromptContentBlock0PropertiesArgsDict(TypedDict): """ Configuration for chat prompt template """ @@ -8890,10 +8946,10 @@ class PromptContentBlockPropertiesArgsDict(TypedDict): Configuration for chat prompt template """ elif False: - PromptContentBlockPropertiesArgsDict: TypeAlias = Mapping[str, Any] + PromptContentBlock0PropertiesArgsDict: TypeAlias = Mapping[str, Any] @pulumi.input_type -class PromptContentBlockPropertiesArgs: +class PromptContentBlock0PropertiesArgs: def __init__(__self__, *, text: pulumi.Input[str]): """ @@ -8915,6 +8971,34 @@ def text(self, value: pulumi.Input[str]): pulumi.set(self, "text", value) +if not MYPY: + class PromptContentBlock1PropertiesArgsDict(TypedDict): + """ + Configuration for chat prompt template + """ + cache_point: pulumi.Input['PromptCachePointBlockArgsDict'] +elif False: + PromptContentBlock1PropertiesArgsDict: TypeAlias = Mapping[str, Any] + +@pulumi.input_type +class PromptContentBlock1PropertiesArgs: + def __init__(__self__, *, + cache_point: pulumi.Input['PromptCachePointBlockArgs']): + """ + Configuration for chat prompt template + """ + pulumi.set(__self__, "cache_point", cache_point) + + @property + @pulumi.getter(name="cachePoint") + def cache_point(self) -> pulumi.Input['PromptCachePointBlockArgs']: + return pulumi.get(self, "cache_point") + + @cache_point.setter + def cache_point(self, value: pulumi.Input['PromptCachePointBlockArgs']): + pulumi.set(self, "cache_point", value) + + if not MYPY: class PromptGenAiResourcePropertiesArgsDict(TypedDict): """ @@ -9012,7 +9096,7 @@ class PromptMessageArgsDict(TypedDict): """ Chat prompt Message """ - content: pulumi.Input[Sequence[pulumi.Input['PromptContentBlockPropertiesArgsDict']]] + content: pulumi.Input[Sequence[pulumi.Input[Union['PromptContentBlock0PropertiesArgsDict', 'PromptContentBlock1PropertiesArgsDict']]]] """ List of Content Blocks """ @@ -9023,25 +9107,25 @@ class PromptMessageArgsDict(TypedDict): @pulumi.input_type class PromptMessageArgs: def __init__(__self__, *, - content: pulumi.Input[Sequence[pulumi.Input['PromptContentBlockPropertiesArgs']]], + content: pulumi.Input[Sequence[pulumi.Input[Union['PromptContentBlock0PropertiesArgs', 'PromptContentBlock1PropertiesArgs']]]], role: pulumi.Input['PromptConversationRole']): """ Chat prompt Message - :param pulumi.Input[Sequence[pulumi.Input['PromptContentBlockPropertiesArgs']]] content: List of Content Blocks + :param pulumi.Input[Sequence[pulumi.Input[Union['PromptContentBlock0PropertiesArgs', 'PromptContentBlock1PropertiesArgs']]]] content: List of Content Blocks """ pulumi.set(__self__, "content", content) pulumi.set(__self__, "role", role) @property @pulumi.getter - def content(self) -> pulumi.Input[Sequence[pulumi.Input['PromptContentBlockPropertiesArgs']]]: + def content(self) -> pulumi.Input[Sequence[pulumi.Input[Union['PromptContentBlock0PropertiesArgs', 'PromptContentBlock1PropertiesArgs']]]]: """ List of Content Blocks """ return pulumi.get(self, "content") @content.setter - def content(self, value: pulumi.Input[Sequence[pulumi.Input['PromptContentBlockPropertiesArgs']]]): + def content(self, value: pulumi.Input[Sequence[pulumi.Input[Union['PromptContentBlock0PropertiesArgs', 'PromptContentBlock1PropertiesArgs']]]]): pulumi.set(self, "content", value) @property @@ -9186,7 +9270,7 @@ def name(self, value: pulumi.Input[str]): if not MYPY: - class PromptSystemContentBlockPropertiesArgsDict(TypedDict): + class PromptSystemContentBlock0PropertiesArgsDict(TypedDict): """ Configuration for chat prompt template """ @@ -9195,10 +9279,10 @@ class PromptSystemContentBlockPropertiesArgsDict(TypedDict): Configuration for chat prompt template """ elif False: - PromptSystemContentBlockPropertiesArgsDict: TypeAlias = Mapping[str, Any] + PromptSystemContentBlock0PropertiesArgsDict: TypeAlias = Mapping[str, Any] @pulumi.input_type -class PromptSystemContentBlockPropertiesArgs: +class PromptSystemContentBlock0PropertiesArgs: def __init__(__self__, *, text: pulumi.Input[str]): """ @@ -9220,6 +9304,34 @@ def text(self, value: pulumi.Input[str]): pulumi.set(self, "text", value) +if not MYPY: + class PromptSystemContentBlock1PropertiesArgsDict(TypedDict): + """ + Configuration for chat prompt template + """ + cache_point: pulumi.Input['PromptCachePointBlockArgsDict'] +elif False: + PromptSystemContentBlock1PropertiesArgsDict: TypeAlias = Mapping[str, Any] + +@pulumi.input_type +class PromptSystemContentBlock1PropertiesArgs: + def __init__(__self__, *, + cache_point: pulumi.Input['PromptCachePointBlockArgs']): + """ + Configuration for chat prompt template + """ + pulumi.set(__self__, "cache_point", cache_point) + + @property + @pulumi.getter(name="cachePoint") + def cache_point(self) -> pulumi.Input['PromptCachePointBlockArgs']: + return pulumi.get(self, "cache_point") + + @cache_point.setter + def cache_point(self, value: pulumi.Input['PromptCachePointBlockArgs']): + pulumi.set(self, "cache_point", value) + + if not MYPY: class PromptTemplateConfiguration0PropertiesArgsDict(TypedDict): """ @@ -9281,6 +9393,7 @@ class PromptTextPromptTemplateConfigurationArgsDict(TypedDict): """ Configuration for text prompt template """ + cache_point: NotRequired[pulumi.Input['PromptCachePointBlockArgsDict']] input_variables: NotRequired[pulumi.Input[Sequence[pulumi.Input['PromptInputVariableArgsDict']]]] """ List of input variables @@ -9296,6 +9409,7 @@ class PromptTextPromptTemplateConfigurationArgsDict(TypedDict): @pulumi.input_type class PromptTextPromptTemplateConfigurationArgs: def __init__(__self__, *, + cache_point: Optional[pulumi.Input['PromptCachePointBlockArgs']] = None, input_variables: Optional[pulumi.Input[Sequence[pulumi.Input['PromptInputVariableArgs']]]] = None, text: Optional[pulumi.Input[str]] = None, text_s3_location: Optional[pulumi.Input['PromptTextS3LocationArgs']] = None): @@ -9304,6 +9418,8 @@ def __init__(__self__, *, :param pulumi.Input[Sequence[pulumi.Input['PromptInputVariableArgs']]] input_variables: List of input variables :param pulumi.Input[str] text: Prompt content for String prompt template """ + if cache_point is not None: + pulumi.set(__self__, "cache_point", cache_point) if input_variables is not None: pulumi.set(__self__, "input_variables", input_variables) if text is not None: @@ -9311,6 +9427,15 @@ def __init__(__self__, *, if text_s3_location is not None: pulumi.set(__self__, "text_s3_location", text_s3_location) + @property + @pulumi.getter(name="cachePoint") + def cache_point(self) -> Optional[pulumi.Input['PromptCachePointBlockArgs']]: + return pulumi.get(self, "cache_point") + + @cache_point.setter + def cache_point(self, value: Optional[pulumi.Input['PromptCachePointBlockArgs']]): + pulumi.set(self, "cache_point", value) + @property @pulumi.getter(name="inputVariables") def input_variables(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['PromptInputVariableArgs']]]]: @@ -9419,6 +9544,62 @@ def version(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "version", value) +if not MYPY: + class PromptTool0PropertiesArgsDict(TypedDict): + """ + Tool details + """ + tool_spec: pulumi.Input['PromptToolSpecificationArgsDict'] +elif False: + PromptTool0PropertiesArgsDict: TypeAlias = Mapping[str, Any] + +@pulumi.input_type +class PromptTool0PropertiesArgs: + def __init__(__self__, *, + tool_spec: pulumi.Input['PromptToolSpecificationArgs']): + """ + Tool details + """ + pulumi.set(__self__, "tool_spec", tool_spec) + + @property + @pulumi.getter(name="toolSpec") + def tool_spec(self) -> pulumi.Input['PromptToolSpecificationArgs']: + return pulumi.get(self, "tool_spec") + + @tool_spec.setter + def tool_spec(self, value: pulumi.Input['PromptToolSpecificationArgs']): + pulumi.set(self, "tool_spec", value) + + +if not MYPY: + class PromptTool1PropertiesArgsDict(TypedDict): + """ + Tool details + """ + cache_point: pulumi.Input['PromptCachePointBlockArgsDict'] +elif False: + PromptTool1PropertiesArgsDict: TypeAlias = Mapping[str, Any] + +@pulumi.input_type +class PromptTool1PropertiesArgs: + def __init__(__self__, *, + cache_point: pulumi.Input['PromptCachePointBlockArgs']): + """ + Tool details + """ + pulumi.set(__self__, "cache_point", cache_point) + + @property + @pulumi.getter(name="cachePoint") + def cache_point(self) -> pulumi.Input['PromptCachePointBlockArgs']: + return pulumi.get(self, "cache_point") + + @cache_point.setter + def cache_point(self, value: pulumi.Input['PromptCachePointBlockArgs']): + pulumi.set(self, "cache_point", value) + + if not MYPY: class PromptToolChoice0PropertiesArgsDict(TypedDict): """ @@ -9508,7 +9689,7 @@ class PromptToolConfigurationArgsDict(TypedDict): """ Tool configuration """ - tools: pulumi.Input[Sequence[pulumi.Input['PromptToolPropertiesArgsDict']]] + tools: pulumi.Input[Sequence[pulumi.Input[Union['PromptTool0PropertiesArgsDict', 'PromptTool1PropertiesArgsDict']]]] """ List of Tools """ @@ -9519,11 +9700,11 @@ class PromptToolConfigurationArgsDict(TypedDict): @pulumi.input_type class PromptToolConfigurationArgs: def __init__(__self__, *, - tools: pulumi.Input[Sequence[pulumi.Input['PromptToolPropertiesArgs']]], + tools: pulumi.Input[Sequence[pulumi.Input[Union['PromptTool0PropertiesArgs', 'PromptTool1PropertiesArgs']]]], tool_choice: Optional[pulumi.Input[Union['PromptToolChoice0PropertiesArgs', 'PromptToolChoice1PropertiesArgs', 'PromptToolChoice2PropertiesArgs']]] = None): """ Tool configuration - :param pulumi.Input[Sequence[pulumi.Input['PromptToolPropertiesArgs']]] tools: List of Tools + :param pulumi.Input[Sequence[pulumi.Input[Union['PromptTool0PropertiesArgs', 'PromptTool1PropertiesArgs']]]] tools: List of Tools """ pulumi.set(__self__, "tools", tools) if tool_choice is not None: @@ -9531,14 +9712,14 @@ def __init__(__self__, *, @property @pulumi.getter - def tools(self) -> pulumi.Input[Sequence[pulumi.Input['PromptToolPropertiesArgs']]]: + def tools(self) -> pulumi.Input[Sequence[pulumi.Input[Union['PromptTool0PropertiesArgs', 'PromptTool1PropertiesArgs']]]]: """ List of Tools """ return pulumi.get(self, "tools") @tools.setter - def tools(self, value: pulumi.Input[Sequence[pulumi.Input['PromptToolPropertiesArgs']]]): + def tools(self, value: pulumi.Input[Sequence[pulumi.Input[Union['PromptTool0PropertiesArgs', 'PromptTool1PropertiesArgs']]]]): pulumi.set(self, "tools", value) @property @@ -9579,34 +9760,6 @@ def json(self, value: Any): pulumi.set(self, "json", value) -if not MYPY: - class PromptToolPropertiesArgsDict(TypedDict): - """ - Tool details - """ - tool_spec: pulumi.Input['PromptToolSpecificationArgsDict'] -elif False: - PromptToolPropertiesArgsDict: TypeAlias = Mapping[str, Any] - -@pulumi.input_type -class PromptToolPropertiesArgs: - def __init__(__self__, *, - tool_spec: pulumi.Input['PromptToolSpecificationArgs']): - """ - Tool details - """ - pulumi.set(__self__, "tool_spec", tool_spec) - - @property - @pulumi.getter(name="toolSpec") - def tool_spec(self) -> pulumi.Input['PromptToolSpecificationArgs']: - return pulumi.get(self, "tool_spec") - - @tool_spec.setter - def tool_spec(self, value: pulumi.Input['PromptToolSpecificationArgs']): - pulumi.set(self, "tool_spec", value) - - if not MYPY: class PromptToolSpecificationArgsDict(TypedDict): """ @@ -9684,6 +9837,10 @@ class PromptVariantArgsDict(TypedDict): """ The type of prompt template to use. """ + additional_model_request_fields: NotRequired[pulumi.Input['PromptAdditionalModelRequestFieldsArgsDict']] + """ + Contains model-specific inference configurations that aren't in the `inferenceConfiguration` field. To see model-specific inference parameters, see [Inference request parameters and response fields for foundation models](https://docs.aws.amazon.com/bedrock/latest/userguide/model-parameters.html) . + """ gen_ai_resource: NotRequired[pulumi.Input['PromptGenAiResourcePropertiesArgsDict']] """ Specifies a generative AI resource with which to use the prompt. @@ -9705,6 +9862,7 @@ def __init__(__self__, *, name: pulumi.Input[str], template_configuration: pulumi.Input[Union['PromptTemplateConfiguration0PropertiesArgs', 'PromptTemplateConfiguration1PropertiesArgs']], template_type: pulumi.Input['PromptTemplateType'], + additional_model_request_fields: Optional[pulumi.Input['PromptAdditionalModelRequestFieldsArgs']] = None, gen_ai_resource: Optional[pulumi.Input['PromptGenAiResourcePropertiesArgs']] = None, inference_configuration: Optional[pulumi.Input['PromptInferenceConfigurationPropertiesArgs']] = None, model_id: Optional[pulumi.Input[str]] = None): @@ -9713,6 +9871,7 @@ def __init__(__self__, *, :param pulumi.Input[str] name: Name for a variant. :param pulumi.Input[Union['PromptTemplateConfiguration0PropertiesArgs', 'PromptTemplateConfiguration1PropertiesArgs']] template_configuration: Contains configurations for the prompt template. :param pulumi.Input['PromptTemplateType'] template_type: The type of prompt template to use. + :param pulumi.Input['PromptAdditionalModelRequestFieldsArgs'] additional_model_request_fields: Contains model-specific inference configurations that aren't in the `inferenceConfiguration` field. To see model-specific inference parameters, see [Inference request parameters and response fields for foundation models](https://docs.aws.amazon.com/bedrock/latest/userguide/model-parameters.html) . :param pulumi.Input['PromptGenAiResourcePropertiesArgs'] gen_ai_resource: Specifies a generative AI resource with which to use the prompt. :param pulumi.Input['PromptInferenceConfigurationPropertiesArgs'] inference_configuration: Contains inference configurations for the prompt variant. :param pulumi.Input[str] model_id: ARN or Id of a Bedrock Foundational Model or Inference Profile, or the ARN of a imported model, or a provisioned throughput ARN for custom models. @@ -9720,6 +9879,8 @@ def __init__(__self__, *, pulumi.set(__self__, "name", name) pulumi.set(__self__, "template_configuration", template_configuration) pulumi.set(__self__, "template_type", template_type) + if additional_model_request_fields is not None: + pulumi.set(__self__, "additional_model_request_fields", additional_model_request_fields) if gen_ai_resource is not None: pulumi.set(__self__, "gen_ai_resource", gen_ai_resource) if inference_configuration is not None: @@ -9763,6 +9924,18 @@ def template_type(self) -> pulumi.Input['PromptTemplateType']: def template_type(self, value: pulumi.Input['PromptTemplateType']): pulumi.set(self, "template_type", value) + @property + @pulumi.getter(name="additionalModelRequestFields") + def additional_model_request_fields(self) -> Optional[pulumi.Input['PromptAdditionalModelRequestFieldsArgs']]: + """ + Contains model-specific inference configurations that aren't in the `inferenceConfiguration` field. To see model-specific inference parameters, see [Inference request parameters and response fields for foundation models](https://docs.aws.amazon.com/bedrock/latest/userguide/model-parameters.html) . + """ + return pulumi.get(self, "additional_model_request_fields") + + @additional_model_request_fields.setter + def additional_model_request_fields(self, value: Optional[pulumi.Input['PromptAdditionalModelRequestFieldsArgs']]): + pulumi.set(self, "additional_model_request_fields", value) + @property @pulumi.getter(name="genAiResource") def gen_ai_resource(self) -> Optional[pulumi.Input['PromptGenAiResourcePropertiesArgs']]: diff --git a/sdk/python/pulumi_aws_native/bedrock/agent_alias.py b/sdk/python/pulumi_aws_native/bedrock/agent_alias.py index 8314219a91..b065a003b2 100644 --- a/sdk/python/pulumi_aws_native/bedrock/agent_alias.py +++ b/sdk/python/pulumi_aws_native/bedrock/agent_alias.py @@ -268,6 +268,7 @@ def agent_alias_status(self) -> pulumi.Output['AgentAliasStatus']: - FAILED – The agent alias API operation failed. - UPDATING – The agent alias is being updated. - DELETING – The agent alias is being deleted. + - DISSOCIATED - The agent alias has no version associated with it. """ return pulumi.get(self, "agent_alias_status") diff --git a/sdk/python/pulumi_aws_native/bedrock/get_agent_alias.py b/sdk/python/pulumi_aws_native/bedrock/get_agent_alias.py index 4171118695..a922180a53 100644 --- a/sdk/python/pulumi_aws_native/bedrock/get_agent_alias.py +++ b/sdk/python/pulumi_aws_native/bedrock/get_agent_alias.py @@ -100,6 +100,7 @@ def agent_alias_status(self) -> Optional['AgentAliasStatus']: - FAILED – The agent alias API operation failed. - UPDATING – The agent alias is being updated. - DELETING – The agent alias is being deleted. + - DISSOCIATED - The agent alias has no version associated with it. """ return pulumi.get(self, "agent_alias_status") diff --git a/sdk/python/pulumi_aws_native/bedrock/outputs.py b/sdk/python/pulumi_aws_native/bedrock/outputs.py index a356452aef..01c9cd60b2 100644 --- a/sdk/python/pulumi_aws_native/bedrock/outputs.py +++ b/sdk/python/pulumi_aws_native/bedrock/outputs.py @@ -215,34 +215,42 @@ 'KnowledgeBaseSupplementalDataStorageConfiguration', 'KnowledgeBaseSupplementalDataStorageLocation', 'KnowledgeBaseVectorKnowledgeBaseConfiguration', + 'PromptAdditionalModelRequestFields', 'PromptAgentResource', 'PromptAnyToolChoice', 'PromptAutoToolChoice', + 'PromptCachePointBlock', 'PromptChatPromptTemplateConfiguration', - 'PromptContentBlockProperties', + 'PromptContentBlock0Properties', + 'PromptContentBlock1Properties', 'PromptGenAiResourceProperties', 'PromptInferenceConfigurationProperties', 'PromptInputVariable', 'PromptMessage', 'PromptModelInferenceConfiguration', 'PromptSpecificToolChoice', - 'PromptSystemContentBlockProperties', + 'PromptSystemContentBlock0Properties', + 'PromptSystemContentBlock1Properties', 'PromptTemplateConfiguration0Properties', 'PromptTemplateConfiguration1Properties', 'PromptTextPromptTemplateConfiguration', 'PromptTextS3Location', + 'PromptTool0Properties', + 'PromptTool1Properties', 'PromptToolChoice0Properties', 'PromptToolChoice1Properties', 'PromptToolChoice2Properties', 'PromptToolConfiguration', 'PromptToolInputSchemaProperties', - 'PromptToolProperties', 'PromptToolSpecification', 'PromptVariant', + 'PromptVersionAdditionalModelRequestFields', 'PromptVersionAnyToolChoice', 'PromptVersionAutoToolChoice', + 'PromptVersionCachePointBlock', 'PromptVersionChatPromptTemplateConfiguration', - 'PromptVersionContentBlockProperties', + 'PromptVersionContentBlock0Properties', + 'PromptVersionContentBlock1Properties', 'PromptVersionMessage', 'PromptVersionPromptAgentResource', 'PromptVersionPromptGenAiResourceProperties', @@ -253,14 +261,16 @@ 'PromptVersionPromptTemplateConfiguration1Properties', 'PromptVersionPromptVariant', 'PromptVersionSpecificToolChoice', - 'PromptVersionSystemContentBlockProperties', + 'PromptVersionSystemContentBlock0Properties', + 'PromptVersionSystemContentBlock1Properties', 'PromptVersionTextPromptTemplateConfiguration', + 'PromptVersionTool0Properties', + 'PromptVersionTool1Properties', 'PromptVersionToolChoice0Properties', 'PromptVersionToolChoice1Properties', 'PromptVersionToolChoice2Properties', 'PromptVersionToolConfiguration', 'PromptVersionToolInputSchemaProperties', - 'PromptVersionToolProperties', 'PromptVersionToolSpecification', ] @@ -8998,6 +9008,18 @@ def supplemental_data_storage_configuration(self) -> Optional['outputs.Knowledge return pulumi.get(self, "supplemental_data_storage_configuration") +@pulumi.output_type +class PromptAdditionalModelRequestFields(dict): + """ + Contains model-specific configurations + """ + def __init__(__self__): + """ + Contains model-specific configurations + """ + pass + + @pulumi.output_type class PromptAgentResource(dict): """ @@ -9061,6 +9083,24 @@ def __init__(__self__): pass +@pulumi.output_type +class PromptCachePointBlock(dict): + """ + CachePointBlock + """ + def __init__(__self__, *, + type: 'PromptCachePointType'): + """ + CachePointBlock + """ + pulumi.set(__self__, "type", type) + + @property + @pulumi.getter + def type(self) -> 'PromptCachePointType': + return pulumi.get(self, "type") + + @pulumi.output_type class PromptChatPromptTemplateConfiguration(dict): """ @@ -9088,13 +9128,13 @@ def get(self, key: str, default = None) -> Any: def __init__(__self__, *, messages: Sequence['outputs.PromptMessage'], input_variables: Optional[Sequence['outputs.PromptInputVariable']] = None, - system: Optional[Sequence['outputs.PromptSystemContentBlockProperties']] = None, + system: Optional[Sequence[Any]] = None, tool_configuration: Optional['outputs.PromptToolConfiguration'] = None): """ Configuration for chat prompt template :param Sequence['PromptMessage'] messages: List of messages for chat prompt template :param Sequence['PromptInputVariable'] input_variables: List of input variables - :param Sequence['PromptSystemContentBlockProperties'] system: Configuration for chat prompt template + :param Sequence[Union['PromptSystemContentBlock0Properties', 'PromptSystemContentBlock1Properties']] system: Configuration for chat prompt template """ pulumi.set(__self__, "messages", messages) if input_variables is not None: @@ -9122,7 +9162,7 @@ def input_variables(self) -> Optional[Sequence['outputs.PromptInputVariable']]: @property @pulumi.getter - def system(self) -> Optional[Sequence['outputs.PromptSystemContentBlockProperties']]: + def system(self) -> Optional[Sequence[Any]]: """ Configuration for chat prompt template """ @@ -9135,7 +9175,7 @@ def tool_configuration(self) -> Optional['outputs.PromptToolConfiguration']: @pulumi.output_type -class PromptContentBlockProperties(dict): +class PromptContentBlock0Properties(dict): """ Configuration for chat prompt template """ @@ -9156,6 +9196,41 @@ def text(self) -> str: return pulumi.get(self, "text") +@pulumi.output_type +class PromptContentBlock1Properties(dict): + """ + Configuration for chat prompt template + """ + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "cachePoint": + suggest = "cache_point" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in PromptContentBlock1Properties. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + PromptContentBlock1Properties.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + PromptContentBlock1Properties.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + cache_point: 'outputs.PromptCachePointBlock'): + """ + Configuration for chat prompt template + """ + pulumi.set(__self__, "cache_point", cache_point) + + @property + @pulumi.getter(name="cachePoint") + def cache_point(self) -> 'outputs.PromptCachePointBlock': + return pulumi.get(self, "cache_point") + + @pulumi.output_type class PromptGenAiResourceProperties(dict): """ @@ -9221,18 +9296,18 @@ class PromptMessage(dict): Chat prompt Message """ def __init__(__self__, *, - content: Sequence['outputs.PromptContentBlockProperties'], + content: Sequence[Any], role: 'PromptConversationRole'): """ Chat prompt Message - :param Sequence['PromptContentBlockProperties'] content: List of Content Blocks + :param Sequence[Union['PromptContentBlock0Properties', 'PromptContentBlock1Properties']] content: List of Content Blocks """ pulumi.set(__self__, "content", content) pulumi.set(__self__, "role", role) @property @pulumi.getter - def content(self) -> Sequence['outputs.PromptContentBlockProperties']: + def content(self) -> Sequence[Any]: """ List of Content Blocks """ @@ -9347,7 +9422,7 @@ def name(self) -> str: @pulumi.output_type -class PromptSystemContentBlockProperties(dict): +class PromptSystemContentBlock0Properties(dict): """ Configuration for chat prompt template """ @@ -9368,6 +9443,41 @@ def text(self) -> str: return pulumi.get(self, "text") +@pulumi.output_type +class PromptSystemContentBlock1Properties(dict): + """ + Configuration for chat prompt template + """ + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "cachePoint": + suggest = "cache_point" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in PromptSystemContentBlock1Properties. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + PromptSystemContentBlock1Properties.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + PromptSystemContentBlock1Properties.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + cache_point: 'outputs.PromptCachePointBlock'): + """ + Configuration for chat prompt template + """ + pulumi.set(__self__, "cache_point", cache_point) + + @property + @pulumi.getter(name="cachePoint") + def cache_point(self) -> 'outputs.PromptCachePointBlock': + return pulumi.get(self, "cache_point") + + @pulumi.output_type class PromptTemplateConfiguration0Properties(dict): """ @@ -9412,7 +9522,9 @@ class PromptTextPromptTemplateConfiguration(dict): @staticmethod def __key_warning(key: str): suggest = None - if key == "inputVariables": + if key == "cachePoint": + suggest = "cache_point" + elif key == "inputVariables": suggest = "input_variables" elif key == "textS3Location": suggest = "text_s3_location" @@ -9429,6 +9541,7 @@ def get(self, key: str, default = None) -> Any: return super().get(key, default) def __init__(__self__, *, + cache_point: Optional['outputs.PromptCachePointBlock'] = None, input_variables: Optional[Sequence['outputs.PromptInputVariable']] = None, text: Optional[str] = None, text_s3_location: Optional['outputs.PromptTextS3Location'] = None): @@ -9437,6 +9550,8 @@ def __init__(__self__, *, :param Sequence['PromptInputVariable'] input_variables: List of input variables :param str text: Prompt content for String prompt template """ + if cache_point is not None: + pulumi.set(__self__, "cache_point", cache_point) if input_variables is not None: pulumi.set(__self__, "input_variables", input_variables) if text is not None: @@ -9444,6 +9559,11 @@ def __init__(__self__, *, if text_s3_location is not None: pulumi.set(__self__, "text_s3_location", text_s3_location) + @property + @pulumi.getter(name="cachePoint") + def cache_point(self) -> Optional['outputs.PromptCachePointBlock']: + return pulumi.get(self, "cache_point") + @property @pulumi.getter(name="inputVariables") def input_variables(self) -> Optional[Sequence['outputs.PromptInputVariable']]: @@ -9511,6 +9631,76 @@ def version(self) -> Optional[str]: return pulumi.get(self, "version") +@pulumi.output_type +class PromptTool0Properties(dict): + """ + Tool details + """ + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "toolSpec": + suggest = "tool_spec" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in PromptTool0Properties. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + PromptTool0Properties.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + PromptTool0Properties.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + tool_spec: 'outputs.PromptToolSpecification'): + """ + Tool details + """ + pulumi.set(__self__, "tool_spec", tool_spec) + + @property + @pulumi.getter(name="toolSpec") + def tool_spec(self) -> 'outputs.PromptToolSpecification': + return pulumi.get(self, "tool_spec") + + +@pulumi.output_type +class PromptTool1Properties(dict): + """ + Tool details + """ + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "cachePoint": + suggest = "cache_point" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in PromptTool1Properties. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + PromptTool1Properties.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + PromptTool1Properties.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + cache_point: 'outputs.PromptCachePointBlock'): + """ + Tool details + """ + pulumi.set(__self__, "cache_point", cache_point) + + @property + @pulumi.getter(name="cachePoint") + def cache_point(self) -> 'outputs.PromptCachePointBlock': + return pulumi.get(self, "cache_point") + + @pulumi.output_type class PromptToolChoice0Properties(dict): """ @@ -9588,11 +9778,11 @@ def get(self, key: str, default = None) -> Any: return super().get(key, default) def __init__(__self__, *, - tools: Sequence['outputs.PromptToolProperties'], + tools: Sequence[Any], tool_choice: Optional[Any] = None): """ Tool configuration - :param Sequence['PromptToolProperties'] tools: List of Tools + :param Sequence[Union['PromptTool0Properties', 'PromptTool1Properties']] tools: List of Tools """ pulumi.set(__self__, "tools", tools) if tool_choice is not None: @@ -9600,7 +9790,7 @@ def __init__(__self__, *, @property @pulumi.getter - def tools(self) -> Sequence['outputs.PromptToolProperties']: + def tools(self) -> Sequence[Any]: """ List of Tools """ @@ -9630,41 +9820,6 @@ def json(self) -> Any: return pulumi.get(self, "json") -@pulumi.output_type -class PromptToolProperties(dict): - """ - Tool details - """ - @staticmethod - def __key_warning(key: str): - suggest = None - if key == "toolSpec": - suggest = "tool_spec" - - if suggest: - pulumi.log.warn(f"Key '{key}' not found in PromptToolProperties. Access the value via the '{suggest}' property getter instead.") - - def __getitem__(self, key: str) -> Any: - PromptToolProperties.__key_warning(key) - return super().__getitem__(key) - - def get(self, key: str, default = None) -> Any: - PromptToolProperties.__key_warning(key) - return super().get(key, default) - - def __init__(__self__, *, - tool_spec: 'outputs.PromptToolSpecification'): - """ - Tool details - """ - pulumi.set(__self__, "tool_spec", tool_spec) - - @property - @pulumi.getter(name="toolSpec") - def tool_spec(self) -> 'outputs.PromptToolSpecification': - return pulumi.get(self, "tool_spec") - - @pulumi.output_type class PromptToolSpecification(dict): """ @@ -9731,6 +9886,8 @@ def __key_warning(key: str): suggest = "template_configuration" elif key == "templateType": suggest = "template_type" + elif key == "additionalModelRequestFields": + suggest = "additional_model_request_fields" elif key == "genAiResource": suggest = "gen_ai_resource" elif key == "inferenceConfiguration": @@ -9753,6 +9910,7 @@ def __init__(__self__, *, name: str, template_configuration: Any, template_type: 'PromptTemplateType', + additional_model_request_fields: Optional['outputs.PromptAdditionalModelRequestFields'] = None, gen_ai_resource: Optional['outputs.PromptGenAiResourceProperties'] = None, inference_configuration: Optional['outputs.PromptInferenceConfigurationProperties'] = None, model_id: Optional[str] = None): @@ -9761,6 +9919,7 @@ def __init__(__self__, *, :param str name: Name for a variant. :param Union['PromptTemplateConfiguration0Properties', 'PromptTemplateConfiguration1Properties'] template_configuration: Contains configurations for the prompt template. :param 'PromptTemplateType' template_type: The type of prompt template to use. + :param 'PromptAdditionalModelRequestFields' additional_model_request_fields: Contains model-specific inference configurations that aren't in the `inferenceConfiguration` field. To see model-specific inference parameters, see [Inference request parameters and response fields for foundation models](https://docs.aws.amazon.com/bedrock/latest/userguide/model-parameters.html) . :param 'PromptGenAiResourceProperties' gen_ai_resource: Specifies a generative AI resource with which to use the prompt. :param 'PromptInferenceConfigurationProperties' inference_configuration: Contains inference configurations for the prompt variant. :param str model_id: ARN or Id of a Bedrock Foundational Model or Inference Profile, or the ARN of a imported model, or a provisioned throughput ARN for custom models. @@ -9768,6 +9927,8 @@ def __init__(__self__, *, pulumi.set(__self__, "name", name) pulumi.set(__self__, "template_configuration", template_configuration) pulumi.set(__self__, "template_type", template_type) + if additional_model_request_fields is not None: + pulumi.set(__self__, "additional_model_request_fields", additional_model_request_fields) if gen_ai_resource is not None: pulumi.set(__self__, "gen_ai_resource", gen_ai_resource) if inference_configuration is not None: @@ -9799,6 +9960,14 @@ def template_type(self) -> 'PromptTemplateType': """ return pulumi.get(self, "template_type") + @property + @pulumi.getter(name="additionalModelRequestFields") + def additional_model_request_fields(self) -> Optional['outputs.PromptAdditionalModelRequestFields']: + """ + Contains model-specific inference configurations that aren't in the `inferenceConfiguration` field. To see model-specific inference parameters, see [Inference request parameters and response fields for foundation models](https://docs.aws.amazon.com/bedrock/latest/userguide/model-parameters.html) . + """ + return pulumi.get(self, "additional_model_request_fields") + @property @pulumi.getter(name="genAiResource") def gen_ai_resource(self) -> Optional['outputs.PromptGenAiResourceProperties']: @@ -9824,6 +9993,18 @@ def model_id(self) -> Optional[str]: return pulumi.get(self, "model_id") +@pulumi.output_type +class PromptVersionAdditionalModelRequestFields(dict): + """ + Contains model-specific configurations + """ + def __init__(__self__): + """ + Contains model-specific configurations + """ + pass + + @pulumi.output_type class PromptVersionAnyToolChoice(dict): """ @@ -9848,6 +10029,24 @@ def __init__(__self__): pass +@pulumi.output_type +class PromptVersionCachePointBlock(dict): + """ + CachePointBlock + """ + def __init__(__self__, *, + type: 'PromptVersionCachePointType'): + """ + CachePointBlock + """ + pulumi.set(__self__, "type", type) + + @property + @pulumi.getter + def type(self) -> 'PromptVersionCachePointType': + return pulumi.get(self, "type") + + @pulumi.output_type class PromptVersionChatPromptTemplateConfiguration(dict): """ @@ -9875,13 +10074,13 @@ def get(self, key: str, default = None) -> Any: def __init__(__self__, *, messages: Sequence['outputs.PromptVersionMessage'], input_variables: Optional[Sequence['outputs.PromptVersionPromptInputVariable']] = None, - system: Optional[Sequence['outputs.PromptVersionSystemContentBlockProperties']] = None, + system: Optional[Sequence[Any]] = None, tool_configuration: Optional['outputs.PromptVersionToolConfiguration'] = None): """ Configuration for chat prompt template :param Sequence['PromptVersionMessage'] messages: List of messages for chat prompt template :param Sequence['PromptVersionPromptInputVariable'] input_variables: List of input variables - :param Sequence['PromptVersionSystemContentBlockProperties'] system: Configuration for chat prompt template + :param Sequence[Union['PromptVersionSystemContentBlock0Properties', 'PromptVersionSystemContentBlock1Properties']] system: Configuration for chat prompt template """ pulumi.set(__self__, "messages", messages) if input_variables is not None: @@ -9909,7 +10108,7 @@ def input_variables(self) -> Optional[Sequence['outputs.PromptVersionPromptInput @property @pulumi.getter - def system(self) -> Optional[Sequence['outputs.PromptVersionSystemContentBlockProperties']]: + def system(self) -> Optional[Sequence[Any]]: """ Configuration for chat prompt template """ @@ -9922,7 +10121,7 @@ def tool_configuration(self) -> Optional['outputs.PromptVersionToolConfiguration @pulumi.output_type -class PromptVersionContentBlockProperties(dict): +class PromptVersionContentBlock0Properties(dict): """ Configuration for chat prompt template """ @@ -9943,24 +10142,59 @@ def text(self) -> str: return pulumi.get(self, "text") +@pulumi.output_type +class PromptVersionContentBlock1Properties(dict): + """ + Configuration for chat prompt template + """ + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "cachePoint": + suggest = "cache_point" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in PromptVersionContentBlock1Properties. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + PromptVersionContentBlock1Properties.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + PromptVersionContentBlock1Properties.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + cache_point: 'outputs.PromptVersionCachePointBlock'): + """ + Configuration for chat prompt template + """ + pulumi.set(__self__, "cache_point", cache_point) + + @property + @pulumi.getter(name="cachePoint") + def cache_point(self) -> 'outputs.PromptVersionCachePointBlock': + return pulumi.get(self, "cache_point") + + @pulumi.output_type class PromptVersionMessage(dict): """ Chat prompt Message """ def __init__(__self__, *, - content: Sequence['outputs.PromptVersionContentBlockProperties'], + content: Sequence[Any], role: 'PromptVersionConversationRole'): """ Chat prompt Message - :param Sequence['PromptVersionContentBlockProperties'] content: List of Content Blocks + :param Sequence[Union['PromptVersionContentBlock0Properties', 'PromptVersionContentBlock1Properties']] content: List of Content Blocks """ pulumi.set(__self__, "content", content) pulumi.set(__self__, "role", role) @property @pulumi.getter - def content(self) -> Sequence['outputs.PromptVersionContentBlockProperties']: + def content(self) -> Sequence[Any]: """ List of Content Blocks """ @@ -10198,6 +10432,8 @@ def __key_warning(key: str): suggest = "template_configuration" elif key == "templateType": suggest = "template_type" + elif key == "additionalModelRequestFields": + suggest = "additional_model_request_fields" elif key == "genAiResource": suggest = "gen_ai_resource" elif key == "inferenceConfiguration": @@ -10220,6 +10456,7 @@ def __init__(__self__, *, name: str, template_configuration: Any, template_type: 'PromptVersionPromptTemplateType', + additional_model_request_fields: Optional['outputs.PromptVersionAdditionalModelRequestFields'] = None, gen_ai_resource: Optional['outputs.PromptVersionPromptGenAiResourceProperties'] = None, inference_configuration: Optional['outputs.PromptVersionPromptInferenceConfigurationProperties'] = None, model_id: Optional[str] = None): @@ -10228,6 +10465,7 @@ def __init__(__self__, *, :param str name: Name for a variant. :param Union['PromptVersionPromptTemplateConfiguration0Properties', 'PromptVersionPromptTemplateConfiguration1Properties'] template_configuration: Contains configurations for the prompt template. :param 'PromptVersionPromptTemplateType' template_type: The type of prompt template to use. + :param 'PromptVersionAdditionalModelRequestFields' additional_model_request_fields: Contains model-specific inference configurations that aren't in the `inferenceConfiguration` field. To see model-specific inference parameters, see [Inference request parameters and response fields for foundation models](https://docs.aws.amazon.com/bedrock/latest/userguide/model-parameters.html) . :param 'PromptVersionPromptGenAiResourceProperties' gen_ai_resource: Specifies a generative AI resource with which to use the prompt. :param 'PromptVersionPromptInferenceConfigurationProperties' inference_configuration: Contains inference configurations for the prompt variant. :param str model_id: ARN or Id of a Bedrock Foundational Model or Inference Profile, or the ARN of a imported model, or a provisioned throughput ARN for custom models. @@ -10235,6 +10473,8 @@ def __init__(__self__, *, pulumi.set(__self__, "name", name) pulumi.set(__self__, "template_configuration", template_configuration) pulumi.set(__self__, "template_type", template_type) + if additional_model_request_fields is not None: + pulumi.set(__self__, "additional_model_request_fields", additional_model_request_fields) if gen_ai_resource is not None: pulumi.set(__self__, "gen_ai_resource", gen_ai_resource) if inference_configuration is not None: @@ -10266,6 +10506,14 @@ def template_type(self) -> 'PromptVersionPromptTemplateType': """ return pulumi.get(self, "template_type") + @property + @pulumi.getter(name="additionalModelRequestFields") + def additional_model_request_fields(self) -> Optional['outputs.PromptVersionAdditionalModelRequestFields']: + """ + Contains model-specific inference configurations that aren't in the `inferenceConfiguration` field. To see model-specific inference parameters, see [Inference request parameters and response fields for foundation models](https://docs.aws.amazon.com/bedrock/latest/userguide/model-parameters.html) . + """ + return pulumi.get(self, "additional_model_request_fields") + @property @pulumi.getter(name="genAiResource") def gen_ai_resource(self) -> Optional['outputs.PromptVersionPromptGenAiResourceProperties']: @@ -10314,7 +10562,7 @@ def name(self) -> str: @pulumi.output_type -class PromptVersionSystemContentBlockProperties(dict): +class PromptVersionSystemContentBlock0Properties(dict): """ Configuration for chat prompt template """ @@ -10335,6 +10583,41 @@ def text(self) -> str: return pulumi.get(self, "text") +@pulumi.output_type +class PromptVersionSystemContentBlock1Properties(dict): + """ + Configuration for chat prompt template + """ + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "cachePoint": + suggest = "cache_point" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in PromptVersionSystemContentBlock1Properties. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + PromptVersionSystemContentBlock1Properties.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + PromptVersionSystemContentBlock1Properties.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + cache_point: 'outputs.PromptVersionCachePointBlock'): + """ + Configuration for chat prompt template + """ + pulumi.set(__self__, "cache_point", cache_point) + + @property + @pulumi.getter(name="cachePoint") + def cache_point(self) -> 'outputs.PromptVersionCachePointBlock': + return pulumi.get(self, "cache_point") + + @pulumi.output_type class PromptVersionTextPromptTemplateConfiguration(dict): """ @@ -10343,7 +10626,9 @@ class PromptVersionTextPromptTemplateConfiguration(dict): @staticmethod def __key_warning(key: str): suggest = None - if key == "inputVariables": + if key == "cachePoint": + suggest = "cache_point" + elif key == "inputVariables": suggest = "input_variables" if suggest: @@ -10359,6 +10644,7 @@ def get(self, key: str, default = None) -> Any: def __init__(__self__, *, text: str, + cache_point: Optional['outputs.PromptVersionCachePointBlock'] = None, input_variables: Optional[Sequence['outputs.PromptVersionPromptInputVariable']] = None): """ Configuration for text prompt template @@ -10366,6 +10652,8 @@ def __init__(__self__, *, :param Sequence['PromptVersionPromptInputVariable'] input_variables: List of input variables """ pulumi.set(__self__, "text", text) + if cache_point is not None: + pulumi.set(__self__, "cache_point", cache_point) if input_variables is not None: pulumi.set(__self__, "input_variables", input_variables) @@ -10377,6 +10665,11 @@ def text(self) -> str: """ return pulumi.get(self, "text") + @property + @pulumi.getter(name="cachePoint") + def cache_point(self) -> Optional['outputs.PromptVersionCachePointBlock']: + return pulumi.get(self, "cache_point") + @property @pulumi.getter(name="inputVariables") def input_variables(self) -> Optional[Sequence['outputs.PromptVersionPromptInputVariable']]: @@ -10386,6 +10679,76 @@ def input_variables(self) -> Optional[Sequence['outputs.PromptVersionPromptInput return pulumi.get(self, "input_variables") +@pulumi.output_type +class PromptVersionTool0Properties(dict): + """ + Tool details + """ + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "toolSpec": + suggest = "tool_spec" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in PromptVersionTool0Properties. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + PromptVersionTool0Properties.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + PromptVersionTool0Properties.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + tool_spec: 'outputs.PromptVersionToolSpecification'): + """ + Tool details + """ + pulumi.set(__self__, "tool_spec", tool_spec) + + @property + @pulumi.getter(name="toolSpec") + def tool_spec(self) -> 'outputs.PromptVersionToolSpecification': + return pulumi.get(self, "tool_spec") + + +@pulumi.output_type +class PromptVersionTool1Properties(dict): + """ + Tool details + """ + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "cachePoint": + suggest = "cache_point" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in PromptVersionTool1Properties. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + PromptVersionTool1Properties.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + PromptVersionTool1Properties.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + cache_point: 'outputs.PromptVersionCachePointBlock'): + """ + Tool details + """ + pulumi.set(__self__, "cache_point", cache_point) + + @property + @pulumi.getter(name="cachePoint") + def cache_point(self) -> 'outputs.PromptVersionCachePointBlock': + return pulumi.get(self, "cache_point") + + @pulumi.output_type class PromptVersionToolChoice0Properties(dict): """ @@ -10463,11 +10826,11 @@ def get(self, key: str, default = None) -> Any: return super().get(key, default) def __init__(__self__, *, - tools: Sequence['outputs.PromptVersionToolProperties'], + tools: Sequence[Any], tool_choice: Optional[Any] = None): """ Tool configuration - :param Sequence['PromptVersionToolProperties'] tools: List of Tools + :param Sequence[Union['PromptVersionTool0Properties', 'PromptVersionTool1Properties']] tools: List of Tools """ pulumi.set(__self__, "tools", tools) if tool_choice is not None: @@ -10475,7 +10838,7 @@ def __init__(__self__, *, @property @pulumi.getter - def tools(self) -> Sequence['outputs.PromptVersionToolProperties']: + def tools(self) -> Sequence[Any]: """ List of Tools """ @@ -10505,41 +10868,6 @@ def json(self) -> Any: return pulumi.get(self, "json") -@pulumi.output_type -class PromptVersionToolProperties(dict): - """ - Tool details - """ - @staticmethod - def __key_warning(key: str): - suggest = None - if key == "toolSpec": - suggest = "tool_spec" - - if suggest: - pulumi.log.warn(f"Key '{key}' not found in PromptVersionToolProperties. Access the value via the '{suggest}' property getter instead.") - - def __getitem__(self, key: str) -> Any: - PromptVersionToolProperties.__key_warning(key) - return super().__getitem__(key) - - def get(self, key: str, default = None) -> Any: - PromptVersionToolProperties.__key_warning(key) - return super().get(key, default) - - def __init__(__self__, *, - tool_spec: 'outputs.PromptVersionToolSpecification'): - """ - Tool details - """ - pulumi.set(__self__, "tool_spec", tool_spec) - - @property - @pulumi.getter(name="toolSpec") - def tool_spec(self) -> 'outputs.PromptVersionToolSpecification': - return pulumi.get(self, "tool_spec") - - @pulumi.output_type class PromptVersionToolSpecification(dict): """ diff --git a/sdk/python/pulumi_aws_native/cognito/get_user_pool_domain.py b/sdk/python/pulumi_aws_native/cognito/get_user_pool_domain.py index 41214a44a6..28ee208816 100644 --- a/sdk/python/pulumi_aws_native/cognito/get_user_pool_domain.py +++ b/sdk/python/pulumi_aws_native/cognito/get_user_pool_domain.py @@ -24,19 +24,13 @@ @pulumi.output_type class GetUserPoolDomainResult: - def __init__(__self__, cloud_front_distribution=None, custom_domain_config=None, id=None, managed_login_version=None): + def __init__(__self__, cloud_front_distribution=None, custom_domain_config=None): if cloud_front_distribution and not isinstance(cloud_front_distribution, str): raise TypeError("Expected argument 'cloud_front_distribution' to be a str") pulumi.set(__self__, "cloud_front_distribution", cloud_front_distribution) if custom_domain_config and not isinstance(custom_domain_config, dict): raise TypeError("Expected argument 'custom_domain_config' to be a dict") pulumi.set(__self__, "custom_domain_config", custom_domain_config) - if id and not isinstance(id, str): - raise TypeError("Expected argument 'id' to be a str") - pulumi.set(__self__, "id", id) - if managed_login_version and not isinstance(managed_login_version, int): - raise TypeError("Expected argument 'managed_login_version' to be a int") - pulumi.set(__self__, "managed_login_version", managed_login_version) @property @pulumi.getter(name="cloudFrontDistribution") @@ -56,22 +50,6 @@ def custom_domain_config(self) -> Optional['outputs.UserPoolDomainCustomDomainCo """ return pulumi.get(self, "custom_domain_config") - @property - @pulumi.getter - def id(self) -> Optional[str]: - """ - The resource ID. - """ - return pulumi.get(self, "id") - - @property - @pulumi.getter(name="managedLoginVersion") - def managed_login_version(self) -> Optional[int]: - """ - A version number that indicates the state of managed login for your domain. Version `1` is hosted UI (classic). Version `2` is the newer managed login with the branding designer. For more information, see [Managed login](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-managed-login.html) . - """ - return pulumi.get(self, "managed_login_version") - class AwaitableGetUserPoolDomainResult(GetUserPoolDomainResult): # pylint: disable=using-constant-test @@ -80,43 +58,43 @@ def __await__(self): yield self return GetUserPoolDomainResult( cloud_front_distribution=self.cloud_front_distribution, - custom_domain_config=self.custom_domain_config, - id=self.id, - managed_login_version=self.managed_login_version) + custom_domain_config=self.custom_domain_config) -def get_user_pool_domain(id: Optional[str] = None, +def get_user_pool_domain(domain: Optional[str] = None, + user_pool_id: Optional[str] = None, opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetUserPoolDomainResult: """ Resource Type definition for AWS::Cognito::UserPoolDomain - :param str id: The resource ID. + :param str domain: The name of the domain that you want to update. For custom domains, this is the fully-qualified domain name, for example `auth.example.com` . For prefix domains, this is the prefix alone, such as `myprefix` . + :param str user_pool_id: The ID of the user pool that is associated with the domain you're updating. """ __args__ = dict() - __args__['id'] = id + __args__['domain'] = domain + __args__['userPoolId'] = user_pool_id opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts) __ret__ = pulumi.runtime.invoke('aws-native:cognito:getUserPoolDomain', __args__, opts=opts, typ=GetUserPoolDomainResult).value return AwaitableGetUserPoolDomainResult( cloud_front_distribution=pulumi.get(__ret__, 'cloud_front_distribution'), - custom_domain_config=pulumi.get(__ret__, 'custom_domain_config'), - id=pulumi.get(__ret__, 'id'), - managed_login_version=pulumi.get(__ret__, 'managed_login_version')) -def get_user_pool_domain_output(id: Optional[pulumi.Input[str]] = None, + custom_domain_config=pulumi.get(__ret__, 'custom_domain_config')) +def get_user_pool_domain_output(domain: Optional[pulumi.Input[str]] = None, + user_pool_id: Optional[pulumi.Input[str]] = None, opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetUserPoolDomainResult]: """ Resource Type definition for AWS::Cognito::UserPoolDomain - :param str id: The resource ID. + :param str domain: The name of the domain that you want to update. For custom domains, this is the fully-qualified domain name, for example `auth.example.com` . For prefix domains, this is the prefix alone, such as `myprefix` . + :param str user_pool_id: The ID of the user pool that is associated with the domain you're updating. """ __args__ = dict() - __args__['id'] = id + __args__['domain'] = domain + __args__['userPoolId'] = user_pool_id opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts) __ret__ = pulumi.runtime.invoke_output('aws-native:cognito:getUserPoolDomain', __args__, opts=opts, typ=GetUserPoolDomainResult) return __ret__.apply(lambda __response__: GetUserPoolDomainResult( cloud_front_distribution=pulumi.get(__response__, 'cloud_front_distribution'), - custom_domain_config=pulumi.get(__response__, 'custom_domain_config'), - id=pulumi.get(__response__, 'id'), - managed_login_version=pulumi.get(__response__, 'managed_login_version'))) + custom_domain_config=pulumi.get(__response__, 'custom_domain_config'))) diff --git a/sdk/python/pulumi_aws_native/cognito/user_pool_domain.py b/sdk/python/pulumi_aws_native/cognito/user_pool_domain.py index 91f8a470bf..4391def044 100644 --- a/sdk/python/pulumi_aws_native/cognito/user_pool_domain.py +++ b/sdk/python/pulumi_aws_native/cognito/user_pool_domain.py @@ -159,7 +159,6 @@ def _internal_init(__self__, if user_pool_id is None and not opts.urn: raise TypeError("Missing required property 'user_pool_id'") __props__.__dict__["user_pool_id"] = user_pool_id - __props__.__dict__["aws_id"] = None __props__.__dict__["cloud_front_distribution"] = None replace_on_changes = pulumi.ResourceOptions(replace_on_changes=["domain", "userPoolId"]) opts = pulumi.ResourceOptions.merge(opts, replace_on_changes) @@ -185,7 +184,6 @@ def get(resource_name: str, __props__ = UserPoolDomainArgs.__new__(UserPoolDomainArgs) - __props__.__dict__["aws_id"] = None __props__.__dict__["cloud_front_distribution"] = None __props__.__dict__["custom_domain_config"] = None __props__.__dict__["domain"] = None @@ -193,14 +191,6 @@ def get(resource_name: str, __props__.__dict__["user_pool_id"] = None return UserPoolDomain(resource_name, opts=opts, __props__=__props__) - @property - @pulumi.getter(name="awsId") - def aws_id(self) -> pulumi.Output[str]: - """ - The resource ID. - """ - return pulumi.get(self, "aws_id") - @property @pulumi.getter(name="cloudFrontDistribution") def cloud_front_distribution(self) -> pulumi.Output[str]: diff --git a/sdk/python/pulumi_aws_native/connect/__init__.py b/sdk/python/pulumi_aws_native/connect/__init__.py index 074a3c8dd1..ab03461df5 100644 --- a/sdk/python/pulumi_aws_native/connect/__init__.py +++ b/sdk/python/pulumi_aws_native/connect/__init__.py @@ -10,11 +10,13 @@ from .approved_origin import * from .contact_flow import * from .contact_flow_module import * +from .contact_flow_version import * from .email_address import * from .evaluation_form import * from .get_agent_status import * from .get_contact_flow import * from .get_contact_flow_module import * +from .get_contact_flow_version import * from .get_email_address import * from .get_evaluation_form import * from .get_hours_of_operation import * diff --git a/sdk/python/pulumi_aws_native/connect/contact_flow_version.py b/sdk/python/pulumi_aws_native/connect/contact_flow_version.py new file mode 100644 index 0000000000..74bd650d69 --- /dev/null +++ b/sdk/python/pulumi_aws_native/connect/contact_flow_version.py @@ -0,0 +1,186 @@ +# coding=utf-8 +# *** WARNING: this file was generated by pulumi-language-python. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import sys +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +if sys.version_info >= (3, 11): + from typing import NotRequired, TypedDict, TypeAlias +else: + from typing_extensions import NotRequired, TypedDict, TypeAlias +from .. import _utilities + +__all__ = ['ContactFlowVersionArgs', 'ContactFlowVersion'] + +@pulumi.input_type +class ContactFlowVersionArgs: + def __init__(__self__, *, + contact_flow_id: pulumi.Input[str], + description: Optional[pulumi.Input[str]] = None): + """ + The set of arguments for constructing a ContactFlowVersion resource. + :param pulumi.Input[str] contact_flow_id: The ARN of the contact flow this version is tied to. + :param pulumi.Input[str] description: The description of the version. + """ + pulumi.set(__self__, "contact_flow_id", contact_flow_id) + if description is not None: + pulumi.set(__self__, "description", description) + + @property + @pulumi.getter(name="contactFlowId") + def contact_flow_id(self) -> pulumi.Input[str]: + """ + The ARN of the contact flow this version is tied to. + """ + return pulumi.get(self, "contact_flow_id") + + @contact_flow_id.setter + def contact_flow_id(self, value: pulumi.Input[str]): + pulumi.set(self, "contact_flow_id", value) + + @property + @pulumi.getter + def description(self) -> Optional[pulumi.Input[str]]: + """ + The description of the version. + """ + return pulumi.get(self, "description") + + @description.setter + def description(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "description", value) + + +class ContactFlowVersion(pulumi.CustomResource): + @overload + def __init__(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + contact_flow_id: Optional[pulumi.Input[str]] = None, + description: Optional[pulumi.Input[str]] = None, + __props__=None): + """ + Resource Type Definition for ContactFlowVersion + + :param str resource_name: The name of the resource. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] contact_flow_id: The ARN of the contact flow this version is tied to. + :param pulumi.Input[str] description: The description of the version. + """ + ... + @overload + def __init__(__self__, + resource_name: str, + args: ContactFlowVersionArgs, + opts: Optional[pulumi.ResourceOptions] = None): + """ + Resource Type Definition for ContactFlowVersion + + :param str resource_name: The name of the resource. + :param ContactFlowVersionArgs args: The arguments to use to populate this resource's properties. + :param pulumi.ResourceOptions opts: Options for the resource. + """ + ... + def __init__(__self__, resource_name: str, *args, **kwargs): + resource_args, opts = _utilities.get_resource_args_opts(ContactFlowVersionArgs, pulumi.ResourceOptions, *args, **kwargs) + if resource_args is not None: + __self__._internal_init(resource_name, opts, **resource_args.__dict__) + else: + __self__._internal_init(resource_name, *args, **kwargs) + + def _internal_init(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + contact_flow_id: Optional[pulumi.Input[str]] = None, + description: Optional[pulumi.Input[str]] = None, + __props__=None): + opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts) + if not isinstance(opts, pulumi.ResourceOptions): + raise TypeError('Expected resource options to be a ResourceOptions instance') + if opts.id is None: + if __props__ is not None: + raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource') + __props__ = ContactFlowVersionArgs.__new__(ContactFlowVersionArgs) + + if contact_flow_id is None and not opts.urn: + raise TypeError("Missing required property 'contact_flow_id'") + __props__.__dict__["contact_flow_id"] = contact_flow_id + __props__.__dict__["description"] = description + __props__.__dict__["contact_flow_version_arn"] = None + __props__.__dict__["flow_content_sha256"] = None + __props__.__dict__["version"] = None + replace_on_changes = pulumi.ResourceOptions(replace_on_changes=["contactFlowId", "description"]) + opts = pulumi.ResourceOptions.merge(opts, replace_on_changes) + super(ContactFlowVersion, __self__).__init__( + 'aws-native:connect:ContactFlowVersion', + resource_name, + __props__, + opts) + + @staticmethod + def get(resource_name: str, + id: pulumi.Input[str], + opts: Optional[pulumi.ResourceOptions] = None) -> 'ContactFlowVersion': + """ + Get an existing ContactFlowVersion resource's state with the given name, id, and optional extra + properties used to qualify the lookup. + + :param str resource_name: The unique name of the resulting resource. + :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. + :param pulumi.ResourceOptions opts: Options for the resource. + """ + opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) + + __props__ = ContactFlowVersionArgs.__new__(ContactFlowVersionArgs) + + __props__.__dict__["contact_flow_id"] = None + __props__.__dict__["contact_flow_version_arn"] = None + __props__.__dict__["description"] = None + __props__.__dict__["flow_content_sha256"] = None + __props__.__dict__["version"] = None + return ContactFlowVersion(resource_name, opts=opts, __props__=__props__) + + @property + @pulumi.getter(name="contactFlowId") + def contact_flow_id(self) -> pulumi.Output[str]: + """ + The ARN of the contact flow this version is tied to. + """ + return pulumi.get(self, "contact_flow_id") + + @property + @pulumi.getter(name="contactFlowVersionArn") + def contact_flow_version_arn(self) -> pulumi.Output[str]: + """ + The identifier of the contact flow version (ARN). + """ + return pulumi.get(self, "contact_flow_version_arn") + + @property + @pulumi.getter + def description(self) -> pulumi.Output[Optional[str]]: + """ + The description of the version. + """ + return pulumi.get(self, "description") + + @property + @pulumi.getter(name="flowContentSha256") + def flow_content_sha256(self) -> pulumi.Output[str]: + """ + Indicates the checksum value of the latest published flow content + """ + return pulumi.get(self, "flow_content_sha256") + + @property + @pulumi.getter + def version(self) -> pulumi.Output[int]: + """ + The version number of this revision + """ + return pulumi.get(self, "version") + diff --git a/sdk/python/pulumi_aws_native/connect/get_contact_flow_version.py b/sdk/python/pulumi_aws_native/connect/get_contact_flow_version.py new file mode 100644 index 0000000000..c82bccdfe8 --- /dev/null +++ b/sdk/python/pulumi_aws_native/connect/get_contact_flow_version.py @@ -0,0 +1,105 @@ +# coding=utf-8 +# *** WARNING: this file was generated by pulumi-language-python. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import sys +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +if sys.version_info >= (3, 11): + from typing import NotRequired, TypedDict, TypeAlias +else: + from typing_extensions import NotRequired, TypedDict, TypeAlias +from .. import _utilities + +__all__ = [ + 'GetContactFlowVersionResult', + 'AwaitableGetContactFlowVersionResult', + 'get_contact_flow_version', + 'get_contact_flow_version_output', +] + +@pulumi.output_type +class GetContactFlowVersionResult: + def __init__(__self__, contact_flow_version_arn=None, flow_content_sha256=None, version=None): + if contact_flow_version_arn and not isinstance(contact_flow_version_arn, str): + raise TypeError("Expected argument 'contact_flow_version_arn' to be a str") + pulumi.set(__self__, "contact_flow_version_arn", contact_flow_version_arn) + if flow_content_sha256 and not isinstance(flow_content_sha256, str): + raise TypeError("Expected argument 'flow_content_sha256' to be a str") + pulumi.set(__self__, "flow_content_sha256", flow_content_sha256) + if version and not isinstance(version, int): + raise TypeError("Expected argument 'version' to be a int") + pulumi.set(__self__, "version", version) + + @property + @pulumi.getter(name="contactFlowVersionArn") + def contact_flow_version_arn(self) -> Optional[str]: + """ + The identifier of the contact flow version (ARN). + """ + return pulumi.get(self, "contact_flow_version_arn") + + @property + @pulumi.getter(name="flowContentSha256") + def flow_content_sha256(self) -> Optional[str]: + """ + Indicates the checksum value of the latest published flow content + """ + return pulumi.get(self, "flow_content_sha256") + + @property + @pulumi.getter + def version(self) -> Optional[int]: + """ + The version number of this revision + """ + return pulumi.get(self, "version") + + +class AwaitableGetContactFlowVersionResult(GetContactFlowVersionResult): + # pylint: disable=using-constant-test + def __await__(self): + if False: + yield self + return GetContactFlowVersionResult( + contact_flow_version_arn=self.contact_flow_version_arn, + flow_content_sha256=self.flow_content_sha256, + version=self.version) + + +def get_contact_flow_version(contact_flow_version_arn: Optional[str] = None, + opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetContactFlowVersionResult: + """ + Resource Type Definition for ContactFlowVersion + + + :param str contact_flow_version_arn: The identifier of the contact flow version (ARN). + """ + __args__ = dict() + __args__['contactFlowVersionArn'] = contact_flow_version_arn + opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + __ret__ = pulumi.runtime.invoke('aws-native:connect:getContactFlowVersion', __args__, opts=opts, typ=GetContactFlowVersionResult).value + + return AwaitableGetContactFlowVersionResult( + contact_flow_version_arn=pulumi.get(__ret__, 'contact_flow_version_arn'), + flow_content_sha256=pulumi.get(__ret__, 'flow_content_sha256'), + version=pulumi.get(__ret__, 'version')) +def get_contact_flow_version_output(contact_flow_version_arn: Optional[pulumi.Input[str]] = None, + opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetContactFlowVersionResult]: + """ + Resource Type Definition for ContactFlowVersion + + + :param str contact_flow_version_arn: The identifier of the contact flow version (ARN). + """ + __args__ = dict() + __args__['contactFlowVersionArn'] = contact_flow_version_arn + opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + __ret__ = pulumi.runtime.invoke_output('aws-native:connect:getContactFlowVersion', __args__, opts=opts, typ=GetContactFlowVersionResult) + return __ret__.apply(lambda __response__: GetContactFlowVersionResult( + contact_flow_version_arn=pulumi.get(__response__, 'contact_flow_version_arn'), + flow_content_sha256=pulumi.get(__response__, 'flow_content_sha256'), + version=pulumi.get(__response__, 'version'))) diff --git a/sdk/python/pulumi_aws_native/datasync/_enums.py b/sdk/python/pulumi_aws_native/datasync/_enums.py index 4aec8b32a8..9b6f01758d 100644 --- a/sdk/python/pulumi_aws_native/datasync/_enums.py +++ b/sdk/python/pulumi_aws_native/datasync/_enums.py @@ -19,6 +19,7 @@ 'LocationNfsMountOptionsVersion', 'LocationObjectStorageServerProtocol', 'LocationS3S3StorageClass', + 'LocationSmbAuthenticationType', 'LocationSmbMountOptionsVersion', 'StorageSystemConnectivityStatus', 'StorageSystemSystemType', @@ -180,6 +181,14 @@ class LocationS3S3StorageClass(str, Enum): DEEP_ARCHIVE = "DEEP_ARCHIVE" +class LocationSmbAuthenticationType(str, Enum): + """ + The authentication mode used to determine identity of user. + """ + NTLM = "NTLM" + KERBEROS = "KERBEROS" + + class LocationSmbMountOptionsVersion(str, Enum): """ The specific SMB version that you want DataSync to use to mount your SMB share. diff --git a/sdk/python/pulumi_aws_native/datasync/get_location_smb.py b/sdk/python/pulumi_aws_native/datasync/get_location_smb.py index e8132c5745..6f830b869d 100644 --- a/sdk/python/pulumi_aws_native/datasync/get_location_smb.py +++ b/sdk/python/pulumi_aws_native/datasync/get_location_smb.py @@ -26,13 +26,22 @@ @pulumi.output_type class GetLocationSmbResult: - def __init__(__self__, agent_arns=None, domain=None, location_arn=None, location_uri=None, mount_options=None, tags=None, user=None): + def __init__(__self__, agent_arns=None, authentication_type=None, dns_ip_addresses=None, domain=None, kerberos_principal=None, location_arn=None, location_uri=None, mount_options=None, tags=None, user=None): if agent_arns and not isinstance(agent_arns, list): raise TypeError("Expected argument 'agent_arns' to be a list") pulumi.set(__self__, "agent_arns", agent_arns) + if authentication_type and not isinstance(authentication_type, str): + raise TypeError("Expected argument 'authentication_type' to be a str") + pulumi.set(__self__, "authentication_type", authentication_type) + if dns_ip_addresses and not isinstance(dns_ip_addresses, list): + raise TypeError("Expected argument 'dns_ip_addresses' to be a list") + pulumi.set(__self__, "dns_ip_addresses", dns_ip_addresses) if domain and not isinstance(domain, str): raise TypeError("Expected argument 'domain' to be a str") pulumi.set(__self__, "domain", domain) + if kerberos_principal and not isinstance(kerberos_principal, str): + raise TypeError("Expected argument 'kerberos_principal' to be a str") + pulumi.set(__self__, "kerberos_principal", kerberos_principal) if location_arn and not isinstance(location_arn, str): raise TypeError("Expected argument 'location_arn' to be a str") pulumi.set(__self__, "location_arn", location_arn) @@ -57,6 +66,22 @@ def agent_arns(self) -> Optional[Sequence[str]]: """ return pulumi.get(self, "agent_arns") + @property + @pulumi.getter(name="authenticationType") + def authentication_type(self) -> Optional['LocationSmbAuthenticationType']: + """ + The authentication mode used to determine identity of user. + """ + return pulumi.get(self, "authentication_type") + + @property + @pulumi.getter(name="dnsIpAddresses") + def dns_ip_addresses(self) -> Optional[Sequence[str]]: + """ + Specifies the IPv4 addresses for the DNS servers that your SMB file server belongs to. This parameter applies only if AuthenticationType is set to KERBEROS. If you have multiple domains in your environment, configuring this parameter makes sure that DataSync connects to the right SMB file server. + """ + return pulumi.get(self, "dns_ip_addresses") + @property @pulumi.getter def domain(self) -> Optional[str]: @@ -65,6 +90,14 @@ def domain(self) -> Optional[str]: """ return pulumi.get(self, "domain") + @property + @pulumi.getter(name="kerberosPrincipal") + def kerberos_principal(self) -> Optional[str]: + """ + Specifies a service principal name (SPN), which is an identity in your Kerberos realm that has permission to access the files, folders, and file metadata in your SMB file server. SPNs are case sensitive and must include a prepended cifs/. For example, an SPN might look like cifs/kerberosuser@EXAMPLE.COM. Your task execution will fail if the SPN that you provide for this parameter doesn't match exactly what's in your keytab or krb5.conf files. + """ + return pulumi.get(self, "kerberos_principal") + @property @pulumi.getter(name="locationArn") def location_arn(self) -> Optional[str]: @@ -113,7 +146,10 @@ def __await__(self): yield self return GetLocationSmbResult( agent_arns=self.agent_arns, + authentication_type=self.authentication_type, + dns_ip_addresses=self.dns_ip_addresses, domain=self.domain, + kerberos_principal=self.kerberos_principal, location_arn=self.location_arn, location_uri=self.location_uri, mount_options=self.mount_options, @@ -136,7 +172,10 @@ def get_location_smb(location_arn: Optional[str] = None, return AwaitableGetLocationSmbResult( agent_arns=pulumi.get(__ret__, 'agent_arns'), + authentication_type=pulumi.get(__ret__, 'authentication_type'), + dns_ip_addresses=pulumi.get(__ret__, 'dns_ip_addresses'), domain=pulumi.get(__ret__, 'domain'), + kerberos_principal=pulumi.get(__ret__, 'kerberos_principal'), location_arn=pulumi.get(__ret__, 'location_arn'), location_uri=pulumi.get(__ret__, 'location_uri'), mount_options=pulumi.get(__ret__, 'mount_options'), @@ -156,7 +195,10 @@ def get_location_smb_output(location_arn: Optional[pulumi.Input[str]] = None, __ret__ = pulumi.runtime.invoke_output('aws-native:datasync:getLocationSmb', __args__, opts=opts, typ=GetLocationSmbResult) return __ret__.apply(lambda __response__: GetLocationSmbResult( agent_arns=pulumi.get(__response__, 'agent_arns'), + authentication_type=pulumi.get(__response__, 'authentication_type'), + dns_ip_addresses=pulumi.get(__response__, 'dns_ip_addresses'), domain=pulumi.get(__response__, 'domain'), + kerberos_principal=pulumi.get(__response__, 'kerberos_principal'), location_arn=pulumi.get(__response__, 'location_arn'), location_uri=pulumi.get(__response__, 'location_uri'), mount_options=pulumi.get(__response__, 'mount_options'), diff --git a/sdk/python/pulumi_aws_native/datasync/location_smb.py b/sdk/python/pulumi_aws_native/datasync/location_smb.py index 44399d461b..a68f25a89a 100644 --- a/sdk/python/pulumi_aws_native/datasync/location_smb.py +++ b/sdk/python/pulumi_aws_native/datasync/location_smb.py @@ -25,28 +25,47 @@ class LocationSmbArgs: def __init__(__self__, *, agent_arns: pulumi.Input[Sequence[pulumi.Input[str]]], - user: pulumi.Input[str], + authentication_type: Optional[pulumi.Input['LocationSmbAuthenticationType']] = None, + dns_ip_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, domain: Optional[pulumi.Input[str]] = None, + kerberos_keytab: Optional[pulumi.Input[str]] = None, + kerberos_krb5_conf: Optional[pulumi.Input[str]] = None, + kerberos_principal: Optional[pulumi.Input[str]] = None, mount_options: Optional[pulumi.Input['LocationSmbMountOptionsArgs']] = None, password: Optional[pulumi.Input[str]] = None, server_hostname: Optional[pulumi.Input[str]] = None, subdirectory: Optional[pulumi.Input[str]] = None, - tags: Optional[pulumi.Input[Sequence[pulumi.Input['_root_inputs.TagArgs']]]] = None): + tags: Optional[pulumi.Input[Sequence[pulumi.Input['_root_inputs.TagArgs']]]] = None, + user: Optional[pulumi.Input[str]] = None): """ The set of arguments for constructing a LocationSmb resource. :param pulumi.Input[Sequence[pulumi.Input[str]]] agent_arns: The Amazon Resource Names (ARNs) of agents to use for a Simple Message Block (SMB) location. - :param pulumi.Input[str] user: The user who can mount the share, has the permissions to access files and folders in the SMB share. + :param pulumi.Input['LocationSmbAuthenticationType'] authentication_type: The authentication mode used to determine identity of user. + :param pulumi.Input[Sequence[pulumi.Input[str]]] dns_ip_addresses: Specifies the IPv4 addresses for the DNS servers that your SMB file server belongs to. This parameter applies only if AuthenticationType is set to KERBEROS. If you have multiple domains in your environment, configuring this parameter makes sure that DataSync connects to the right SMB file server. :param pulumi.Input[str] domain: The name of the Windows domain that the SMB server belongs to. + :param pulumi.Input[str] kerberos_keytab: The Base64 string representation of the Keytab file. Specifies your Kerberos key table (keytab) file, which includes mappings between your service principal name (SPN) and encryption keys. To avoid task execution errors, make sure that the SPN in the keytab file matches exactly what you specify for KerberosPrincipal and in your krb5.conf file. + :param pulumi.Input[str] kerberos_krb5_conf: The string representation of the Krb5Conf file, or the presigned URL to access the Krb5.conf file within an S3 bucket. Specifies a Kerberos configuration file (krb5.conf) that defines your Kerberos realm configuration. To avoid task execution errors, make sure that the service principal name (SPN) in the krb5.conf file matches exactly what you specify for KerberosPrincipal and in your keytab file. + :param pulumi.Input[str] kerberos_principal: Specifies a service principal name (SPN), which is an identity in your Kerberos realm that has permission to access the files, folders, and file metadata in your SMB file server. SPNs are case sensitive and must include a prepended cifs/. For example, an SPN might look like cifs/kerberosuser@EXAMPLE.COM. Your task execution will fail if the SPN that you provide for this parameter doesn't match exactly what's in your keytab or krb5.conf files. :param pulumi.Input['LocationSmbMountOptionsArgs'] mount_options: Specifies the version of the SMB protocol that DataSync uses to access your SMB file server. :param pulumi.Input[str] password: The password of the user who can mount the share and has the permissions to access files and folders in the SMB share. :param pulumi.Input[str] server_hostname: The name of the SMB server. This value is the IP address or Domain Name Service (DNS) name of the SMB server. :param pulumi.Input[str] subdirectory: The subdirectory in the SMB file system that is used to read data from the SMB source location or write data to the SMB destination :param pulumi.Input[Sequence[pulumi.Input['_root_inputs.TagArgs']]] tags: An array of key-value pairs to apply to this resource. + :param pulumi.Input[str] user: The user who can mount the share, has the permissions to access files and folders in the SMB share. """ pulumi.set(__self__, "agent_arns", agent_arns) - pulumi.set(__self__, "user", user) + if authentication_type is not None: + pulumi.set(__self__, "authentication_type", authentication_type) + if dns_ip_addresses is not None: + pulumi.set(__self__, "dns_ip_addresses", dns_ip_addresses) if domain is not None: pulumi.set(__self__, "domain", domain) + if kerberos_keytab is not None: + pulumi.set(__self__, "kerberos_keytab", kerberos_keytab) + if kerberos_krb5_conf is not None: + pulumi.set(__self__, "kerberos_krb5_conf", kerberos_krb5_conf) + if kerberos_principal is not None: + pulumi.set(__self__, "kerberos_principal", kerberos_principal) if mount_options is not None: pulumi.set(__self__, "mount_options", mount_options) if password is not None: @@ -57,6 +76,8 @@ def __init__(__self__, *, pulumi.set(__self__, "subdirectory", subdirectory) if tags is not None: pulumi.set(__self__, "tags", tags) + if user is not None: + pulumi.set(__self__, "user", user) @property @pulumi.getter(name="agentArns") @@ -71,16 +92,28 @@ def agent_arns(self, value: pulumi.Input[Sequence[pulumi.Input[str]]]): pulumi.set(self, "agent_arns", value) @property - @pulumi.getter - def user(self) -> pulumi.Input[str]: + @pulumi.getter(name="authenticationType") + def authentication_type(self) -> Optional[pulumi.Input['LocationSmbAuthenticationType']]: """ - The user who can mount the share, has the permissions to access files and folders in the SMB share. + The authentication mode used to determine identity of user. """ - return pulumi.get(self, "user") + return pulumi.get(self, "authentication_type") - @user.setter - def user(self, value: pulumi.Input[str]): - pulumi.set(self, "user", value) + @authentication_type.setter + def authentication_type(self, value: Optional[pulumi.Input['LocationSmbAuthenticationType']]): + pulumi.set(self, "authentication_type", value) + + @property + @pulumi.getter(name="dnsIpAddresses") + def dns_ip_addresses(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + Specifies the IPv4 addresses for the DNS servers that your SMB file server belongs to. This parameter applies only if AuthenticationType is set to KERBEROS. If you have multiple domains in your environment, configuring this parameter makes sure that DataSync connects to the right SMB file server. + """ + return pulumi.get(self, "dns_ip_addresses") + + @dns_ip_addresses.setter + def dns_ip_addresses(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): + pulumi.set(self, "dns_ip_addresses", value) @property @pulumi.getter @@ -94,6 +127,42 @@ def domain(self) -> Optional[pulumi.Input[str]]: def domain(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "domain", value) + @property + @pulumi.getter(name="kerberosKeytab") + def kerberos_keytab(self) -> Optional[pulumi.Input[str]]: + """ + The Base64 string representation of the Keytab file. Specifies your Kerberos key table (keytab) file, which includes mappings between your service principal name (SPN) and encryption keys. To avoid task execution errors, make sure that the SPN in the keytab file matches exactly what you specify for KerberosPrincipal and in your krb5.conf file. + """ + return pulumi.get(self, "kerberos_keytab") + + @kerberos_keytab.setter + def kerberos_keytab(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "kerberos_keytab", value) + + @property + @pulumi.getter(name="kerberosKrb5Conf") + def kerberos_krb5_conf(self) -> Optional[pulumi.Input[str]]: + """ + The string representation of the Krb5Conf file, or the presigned URL to access the Krb5.conf file within an S3 bucket. Specifies a Kerberos configuration file (krb5.conf) that defines your Kerberos realm configuration. To avoid task execution errors, make sure that the service principal name (SPN) in the krb5.conf file matches exactly what you specify for KerberosPrincipal and in your keytab file. + """ + return pulumi.get(self, "kerberos_krb5_conf") + + @kerberos_krb5_conf.setter + def kerberos_krb5_conf(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "kerberos_krb5_conf", value) + + @property + @pulumi.getter(name="kerberosPrincipal") + def kerberos_principal(self) -> Optional[pulumi.Input[str]]: + """ + Specifies a service principal name (SPN), which is an identity in your Kerberos realm that has permission to access the files, folders, and file metadata in your SMB file server. SPNs are case sensitive and must include a prepended cifs/. For example, an SPN might look like cifs/kerberosuser@EXAMPLE.COM. Your task execution will fail if the SPN that you provide for this parameter doesn't match exactly what's in your keytab or krb5.conf files. + """ + return pulumi.get(self, "kerberos_principal") + + @kerberos_principal.setter + def kerberos_principal(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "kerberos_principal", value) + @property @pulumi.getter(name="mountOptions") def mount_options(self) -> Optional[pulumi.Input['LocationSmbMountOptionsArgs']]: @@ -154,6 +223,18 @@ def tags(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['_root_inputs.TagA def tags(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['_root_inputs.TagArgs']]]]): pulumi.set(self, "tags", value) + @property + @pulumi.getter + def user(self) -> Optional[pulumi.Input[str]]: + """ + The user who can mount the share, has the permissions to access files and folders in the SMB share. + """ + return pulumi.get(self, "user") + + @user.setter + def user(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "user", value) + class LocationSmb(pulumi.CustomResource): @overload @@ -161,7 +242,12 @@ def __init__(__self__, resource_name: str, opts: Optional[pulumi.ResourceOptions] = None, agent_arns: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + authentication_type: Optional[pulumi.Input['LocationSmbAuthenticationType']] = None, + dns_ip_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, domain: Optional[pulumi.Input[str]] = None, + kerberos_keytab: Optional[pulumi.Input[str]] = None, + kerberos_krb5_conf: Optional[pulumi.Input[str]] = None, + kerberos_principal: Optional[pulumi.Input[str]] = None, mount_options: Optional[pulumi.Input[Union['LocationSmbMountOptionsArgs', 'LocationSmbMountOptionsArgsDict']]] = None, password: Optional[pulumi.Input[str]] = None, server_hostname: Optional[pulumi.Input[str]] = None, @@ -175,7 +261,12 @@ def __init__(__self__, :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[Sequence[pulumi.Input[str]]] agent_arns: The Amazon Resource Names (ARNs) of agents to use for a Simple Message Block (SMB) location. + :param pulumi.Input['LocationSmbAuthenticationType'] authentication_type: The authentication mode used to determine identity of user. + :param pulumi.Input[Sequence[pulumi.Input[str]]] dns_ip_addresses: Specifies the IPv4 addresses for the DNS servers that your SMB file server belongs to. This parameter applies only if AuthenticationType is set to KERBEROS. If you have multiple domains in your environment, configuring this parameter makes sure that DataSync connects to the right SMB file server. :param pulumi.Input[str] domain: The name of the Windows domain that the SMB server belongs to. + :param pulumi.Input[str] kerberos_keytab: The Base64 string representation of the Keytab file. Specifies your Kerberos key table (keytab) file, which includes mappings between your service principal name (SPN) and encryption keys. To avoid task execution errors, make sure that the SPN in the keytab file matches exactly what you specify for KerberosPrincipal and in your krb5.conf file. + :param pulumi.Input[str] kerberos_krb5_conf: The string representation of the Krb5Conf file, or the presigned URL to access the Krb5.conf file within an S3 bucket. Specifies a Kerberos configuration file (krb5.conf) that defines your Kerberos realm configuration. To avoid task execution errors, make sure that the service principal name (SPN) in the krb5.conf file matches exactly what you specify for KerberosPrincipal and in your keytab file. + :param pulumi.Input[str] kerberos_principal: Specifies a service principal name (SPN), which is an identity in your Kerberos realm that has permission to access the files, folders, and file metadata in your SMB file server. SPNs are case sensitive and must include a prepended cifs/. For example, an SPN might look like cifs/kerberosuser@EXAMPLE.COM. Your task execution will fail if the SPN that you provide for this parameter doesn't match exactly what's in your keytab or krb5.conf files. :param pulumi.Input[Union['LocationSmbMountOptionsArgs', 'LocationSmbMountOptionsArgsDict']] mount_options: Specifies the version of the SMB protocol that DataSync uses to access your SMB file server. :param pulumi.Input[str] password: The password of the user who can mount the share and has the permissions to access files and folders in the SMB share. :param pulumi.Input[str] server_hostname: The name of the SMB server. This value is the IP address or Domain Name Service (DNS) name of the SMB server. @@ -208,7 +299,12 @@ def _internal_init(__self__, resource_name: str, opts: Optional[pulumi.ResourceOptions] = None, agent_arns: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + authentication_type: Optional[pulumi.Input['LocationSmbAuthenticationType']] = None, + dns_ip_addresses: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, domain: Optional[pulumi.Input[str]] = None, + kerberos_keytab: Optional[pulumi.Input[str]] = None, + kerberos_krb5_conf: Optional[pulumi.Input[str]] = None, + kerberos_principal: Optional[pulumi.Input[str]] = None, mount_options: Optional[pulumi.Input[Union['LocationSmbMountOptionsArgs', 'LocationSmbMountOptionsArgsDict']]] = None, password: Optional[pulumi.Input[str]] = None, server_hostname: Optional[pulumi.Input[str]] = None, @@ -227,19 +323,20 @@ def _internal_init(__self__, if agent_arns is None and not opts.urn: raise TypeError("Missing required property 'agent_arns'") __props__.__dict__["agent_arns"] = agent_arns + __props__.__dict__["authentication_type"] = authentication_type + __props__.__dict__["dns_ip_addresses"] = dns_ip_addresses __props__.__dict__["domain"] = domain + __props__.__dict__["kerberos_keytab"] = kerberos_keytab + __props__.__dict__["kerberos_krb5_conf"] = kerberos_krb5_conf + __props__.__dict__["kerberos_principal"] = kerberos_principal __props__.__dict__["mount_options"] = mount_options __props__.__dict__["password"] = password __props__.__dict__["server_hostname"] = server_hostname __props__.__dict__["subdirectory"] = subdirectory __props__.__dict__["tags"] = tags - if user is None and not opts.urn: - raise TypeError("Missing required property 'user'") __props__.__dict__["user"] = user __props__.__dict__["location_arn"] = None __props__.__dict__["location_uri"] = None - replace_on_changes = pulumi.ResourceOptions(replace_on_changes=["serverHostname"]) - opts = pulumi.ResourceOptions.merge(opts, replace_on_changes) super(LocationSmb, __self__).__init__( 'aws-native:datasync:LocationSmb', resource_name, @@ -263,7 +360,12 @@ def get(resource_name: str, __props__ = LocationSmbArgs.__new__(LocationSmbArgs) __props__.__dict__["agent_arns"] = None + __props__.__dict__["authentication_type"] = None + __props__.__dict__["dns_ip_addresses"] = None __props__.__dict__["domain"] = None + __props__.__dict__["kerberos_keytab"] = None + __props__.__dict__["kerberos_krb5_conf"] = None + __props__.__dict__["kerberos_principal"] = None __props__.__dict__["location_arn"] = None __props__.__dict__["location_uri"] = None __props__.__dict__["mount_options"] = None @@ -282,6 +384,22 @@ def agent_arns(self) -> pulumi.Output[Sequence[str]]: """ return pulumi.get(self, "agent_arns") + @property + @pulumi.getter(name="authenticationType") + def authentication_type(self) -> pulumi.Output[Optional['LocationSmbAuthenticationType']]: + """ + The authentication mode used to determine identity of user. + """ + return pulumi.get(self, "authentication_type") + + @property + @pulumi.getter(name="dnsIpAddresses") + def dns_ip_addresses(self) -> pulumi.Output[Optional[Sequence[str]]]: + """ + Specifies the IPv4 addresses for the DNS servers that your SMB file server belongs to. This parameter applies only if AuthenticationType is set to KERBEROS. If you have multiple domains in your environment, configuring this parameter makes sure that DataSync connects to the right SMB file server. + """ + return pulumi.get(self, "dns_ip_addresses") + @property @pulumi.getter def domain(self) -> pulumi.Output[Optional[str]]: @@ -290,6 +408,30 @@ def domain(self) -> pulumi.Output[Optional[str]]: """ return pulumi.get(self, "domain") + @property + @pulumi.getter(name="kerberosKeytab") + def kerberos_keytab(self) -> pulumi.Output[Optional[str]]: + """ + The Base64 string representation of the Keytab file. Specifies your Kerberos key table (keytab) file, which includes mappings between your service principal name (SPN) and encryption keys. To avoid task execution errors, make sure that the SPN in the keytab file matches exactly what you specify for KerberosPrincipal and in your krb5.conf file. + """ + return pulumi.get(self, "kerberos_keytab") + + @property + @pulumi.getter(name="kerberosKrb5Conf") + def kerberos_krb5_conf(self) -> pulumi.Output[Optional[str]]: + """ + The string representation of the Krb5Conf file, or the presigned URL to access the Krb5.conf file within an S3 bucket. Specifies a Kerberos configuration file (krb5.conf) that defines your Kerberos realm configuration. To avoid task execution errors, make sure that the service principal name (SPN) in the krb5.conf file matches exactly what you specify for KerberosPrincipal and in your keytab file. + """ + return pulumi.get(self, "kerberos_krb5_conf") + + @property + @pulumi.getter(name="kerberosPrincipal") + def kerberos_principal(self) -> pulumi.Output[Optional[str]]: + """ + Specifies a service principal name (SPN), which is an identity in your Kerberos realm that has permission to access the files, folders, and file metadata in your SMB file server. SPNs are case sensitive and must include a prepended cifs/. For example, an SPN might look like cifs/kerberosuser@EXAMPLE.COM. Your task execution will fail if the SPN that you provide for this parameter doesn't match exactly what's in your keytab or krb5.conf files. + """ + return pulumi.get(self, "kerberos_principal") + @property @pulumi.getter(name="locationArn") def location_arn(self) -> pulumi.Output[str]: @@ -348,7 +490,7 @@ def tags(self) -> pulumi.Output[Optional[Sequence['_root_outputs.Tag']]]: @property @pulumi.getter - def user(self) -> pulumi.Output[str]: + def user(self) -> pulumi.Output[Optional[str]]: """ The user who can mount the share, has the permissions to access files and folders in the SMB share. """ diff --git a/sdk/python/pulumi_aws_native/ecs/_inputs.py b/sdk/python/pulumi_aws_native/ecs/_inputs.py index d79b3d9a95..7a0eadb3cb 100644 --- a/sdk/python/pulumi_aws_native/ecs/_inputs.py +++ b/sdk/python/pulumi_aws_native/ecs/_inputs.py @@ -905,7 +905,9 @@ def namespace(self, value: Optional[pulumi.Input[str]]): if not MYPY: class ClusterSettingsArgsDict(TypedDict): """ - The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights for a cluster. + The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights with enhanced observability or CloudWatch Container Insights for a cluster. + Container Insights with enhanced observability provides all the Container Insights metrics, plus additional task and container metrics. This version supports enhanced observability for Amazon ECS clusters using the Amazon EC2 and Fargate launch types. After you configure Container Insights with enhanced observability on Amazon ECS, Container Insights auto-collects detailed infrastructure telemetry from the cluster level down to the container level in your environment and displays these critical performance data in curated dashboards removing the heavy lifting in observability set-up. + For more information, see [Monitor Amazon ECS containers using Container Insights with enhanced observability](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cloudwatch-container-insights.html) in the *Amazon Elastic Container Service Developer Guide*. """ name: NotRequired[pulumi.Input[str]] """ @@ -913,8 +915,10 @@ class ClusterSettingsArgsDict(TypedDict): """ value: NotRequired[pulumi.Input[str]] """ - The value to set for the cluster setting. The supported values are ``enabled`` and ``disabled``. - If you set ``name`` to ``containerInsights`` and ``value`` to ``enabled``, CloudWatch Container Insights will be on for the cluster, otherwise it will be off unless the ``containerInsights`` account setting is turned on. If a cluster value is specified, it will override the ``containerInsights`` value set with [PutAccountSetting](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSetting.html) or [PutAccountSettingDefault](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSettingDefault.html). + The value to set for the cluster setting. The supported values are ``enhanced``, ``enabled``, and ``disabled``. + To use Container Insights with enhanced observability, set the ``containerInsights`` account setting to ``enhanced``. + To use Container Insights, set the ``containerInsights`` account setting to ``enabled``. + If a cluster value is specified, it will override the ``containerInsights`` value set with [PutAccountSetting](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSetting.html) or [PutAccountSettingDefault](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSettingDefault.html). """ elif False: ClusterSettingsArgsDict: TypeAlias = Mapping[str, Any] @@ -925,10 +929,14 @@ def __init__(__self__, *, name: Optional[pulumi.Input[str]] = None, value: Optional[pulumi.Input[str]] = None): """ - The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights for a cluster. + The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights with enhanced observability or CloudWatch Container Insights for a cluster. + Container Insights with enhanced observability provides all the Container Insights metrics, plus additional task and container metrics. This version supports enhanced observability for Amazon ECS clusters using the Amazon EC2 and Fargate launch types. After you configure Container Insights with enhanced observability on Amazon ECS, Container Insights auto-collects detailed infrastructure telemetry from the cluster level down to the container level in your environment and displays these critical performance data in curated dashboards removing the heavy lifting in observability set-up. + For more information, see [Monitor Amazon ECS containers using Container Insights with enhanced observability](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cloudwatch-container-insights.html) in the *Amazon Elastic Container Service Developer Guide*. :param pulumi.Input[str] name: The name of the cluster setting. The value is ``containerInsights`` . - :param pulumi.Input[str] value: The value to set for the cluster setting. The supported values are ``enabled`` and ``disabled``. - If you set ``name`` to ``containerInsights`` and ``value`` to ``enabled``, CloudWatch Container Insights will be on for the cluster, otherwise it will be off unless the ``containerInsights`` account setting is turned on. If a cluster value is specified, it will override the ``containerInsights`` value set with [PutAccountSetting](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSetting.html) or [PutAccountSettingDefault](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSettingDefault.html). + :param pulumi.Input[str] value: The value to set for the cluster setting. The supported values are ``enhanced``, ``enabled``, and ``disabled``. + To use Container Insights with enhanced observability, set the ``containerInsights`` account setting to ``enhanced``. + To use Container Insights, set the ``containerInsights`` account setting to ``enabled``. + If a cluster value is specified, it will override the ``containerInsights`` value set with [PutAccountSetting](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSetting.html) or [PutAccountSettingDefault](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSettingDefault.html). """ if name is not None: pulumi.set(__self__, "name", name) @@ -951,8 +959,10 @@ def name(self, value: Optional[pulumi.Input[str]]): @pulumi.getter def value(self) -> Optional[pulumi.Input[str]]: """ - The value to set for the cluster setting. The supported values are ``enabled`` and ``disabled``. - If you set ``name`` to ``containerInsights`` and ``value`` to ``enabled``, CloudWatch Container Insights will be on for the cluster, otherwise it will be off unless the ``containerInsights`` account setting is turned on. If a cluster value is specified, it will override the ``containerInsights`` value set with [PutAccountSetting](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSetting.html) or [PutAccountSettingDefault](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSettingDefault.html). + The value to set for the cluster setting. The supported values are ``enhanced``, ``enabled``, and ``disabled``. + To use Container Insights with enhanced observability, set the ``containerInsights`` account setting to ``enhanced``. + To use Container Insights, set the ``containerInsights`` account setting to ``enabled``. + If a cluster value is specified, it will override the ``containerInsights`` value set with [PutAccountSetting](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSetting.html) or [PutAccountSettingDefault](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSettingDefault.html). """ return pulumi.get(self, "value") diff --git a/sdk/python/pulumi_aws_native/ecs/cluster.py b/sdk/python/pulumi_aws_native/ecs/cluster.py index fe069b9d3e..0e17179524 100644 --- a/sdk/python/pulumi_aws_native/ecs/cluster.py +++ b/sdk/python/pulumi_aws_native/ecs/cluster.py @@ -37,7 +37,9 @@ def __init__(__self__, *, To use a FARGATElong capacity provider, specify either the ``FARGATE`` or ``FARGATE_SPOT`` capacity providers. The FARGATElong capacity providers are available to all accounts and only need to be associated with a cluster to be used. The [PutCapacityProvider](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutCapacityProvider.html) API operation is used to update the list of available capacity providers for a cluster after the cluster is created. :param pulumi.Input[str] cluster_name: A user-generated string that you use to identify your cluster. If you don't specify a name, CFNlong generates a unique physical ID for the name. - :param pulumi.Input[Sequence[pulumi.Input['ClusterSettingsArgs']]] cluster_settings: The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights for a cluster. + :param pulumi.Input[Sequence[pulumi.Input['ClusterSettingsArgs']]] cluster_settings: The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights with enhanced observability or CloudWatch Container Insights for a cluster. + Container Insights with enhanced observability provides all the Container Insights metrics, plus additional task and container metrics. This version supports enhanced observability for Amazon ECS clusters using the Amazon EC2 and Fargate launch types. After you configure Container Insights with enhanced observability on Amazon ECS, Container Insights auto-collects detailed infrastructure telemetry from the cluster level down to the container level in your environment and displays these critical performance data in curated dashboards removing the heavy lifting in observability set-up. + For more information, see [Monitor Amazon ECS containers using Container Insights with enhanced observability](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cloudwatch-container-insights.html) in the *Amazon Elastic Container Service Developer Guide*. :param pulumi.Input['ClusterConfigurationArgs'] configuration: The execute command and managed storage configuration for the cluster. :param pulumi.Input[Sequence[pulumi.Input['ClusterCapacityProviderStrategyItemArgs']]] default_capacity_provider_strategy: The default capacity provider strategy for the cluster. When services or tasks are run in the cluster with no launch type or capacity provider strategy specified, the default capacity provider strategy is used. :param pulumi.Input['ClusterServiceConnectDefaultsArgs'] service_connect_defaults: Use this parameter to set a default Service Connect namespace. After you set a default Service Connect namespace, any new services with Service Connect turned on that are created in the cluster are added as client services in the namespace. This setting only applies to new services that set the ``enabled`` parameter to ``true`` in the ``ServiceConnectConfiguration``. You can set the namespace of each service individually in the ``ServiceConnectConfiguration`` to override this default parameter. @@ -98,7 +100,9 @@ def cluster_name(self, value: Optional[pulumi.Input[str]]): @pulumi.getter(name="clusterSettings") def cluster_settings(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['ClusterSettingsArgs']]]]: """ - The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights for a cluster. + The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights with enhanced observability or CloudWatch Container Insights for a cluster. + Container Insights with enhanced observability provides all the Container Insights metrics, plus additional task and container metrics. This version supports enhanced observability for Amazon ECS clusters using the Amazon EC2 and Fargate launch types. After you configure Container Insights with enhanced observability on Amazon ECS, Container Insights auto-collects detailed infrastructure telemetry from the cluster level down to the container level in your environment and displays these critical performance data in curated dashboards removing the heavy lifting in observability set-up. + For more information, see [Monitor Amazon ECS containers using Container Insights with enhanced observability](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cloudwatch-container-insights.html) in the *Amazon Elastic Container Service Developer Guide*. """ return pulumi.get(self, "cluster_settings") @@ -187,7 +191,9 @@ def __init__(__self__, To use a FARGATElong capacity provider, specify either the ``FARGATE`` or ``FARGATE_SPOT`` capacity providers. The FARGATElong capacity providers are available to all accounts and only need to be associated with a cluster to be used. The [PutCapacityProvider](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutCapacityProvider.html) API operation is used to update the list of available capacity providers for a cluster after the cluster is created. :param pulumi.Input[str] cluster_name: A user-generated string that you use to identify your cluster. If you don't specify a name, CFNlong generates a unique physical ID for the name. - :param pulumi.Input[Sequence[pulumi.Input[Union['ClusterSettingsArgs', 'ClusterSettingsArgsDict']]]] cluster_settings: The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights for a cluster. + :param pulumi.Input[Sequence[pulumi.Input[Union['ClusterSettingsArgs', 'ClusterSettingsArgsDict']]]] cluster_settings: The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights with enhanced observability or CloudWatch Container Insights for a cluster. + Container Insights with enhanced observability provides all the Container Insights metrics, plus additional task and container metrics. This version supports enhanced observability for Amazon ECS clusters using the Amazon EC2 and Fargate launch types. After you configure Container Insights with enhanced observability on Amazon ECS, Container Insights auto-collects detailed infrastructure telemetry from the cluster level down to the container level in your environment and displays these critical performance data in curated dashboards removing the heavy lifting in observability set-up. + For more information, see [Monitor Amazon ECS containers using Container Insights with enhanced observability](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cloudwatch-container-insights.html) in the *Amazon Elastic Container Service Developer Guide*. :param pulumi.Input[Union['ClusterConfigurationArgs', 'ClusterConfigurationArgsDict']] configuration: The execute command and managed storage configuration for the cluster. :param pulumi.Input[Sequence[pulumi.Input[Union['ClusterCapacityProviderStrategyItemArgs', 'ClusterCapacityProviderStrategyItemArgsDict']]]] default_capacity_provider_strategy: The default capacity provider strategy for the cluster. When services or tasks are run in the cluster with no launch type or capacity provider strategy specified, the default capacity provider strategy is used. :param pulumi.Input[Union['ClusterServiceConnectDefaultsArgs', 'ClusterServiceConnectDefaultsArgsDict']] service_connect_defaults: Use this parameter to set a default Service Connect namespace. After you set a default Service Connect namespace, any new services with Service Connect turned on that are created in the cluster are added as client services in the namespace. This setting only applies to new services that set the ``enabled`` parameter to ``true`` in the ``ServiceConnectConfiguration``. You can set the namespace of each service individually in the ``ServiceConnectConfiguration`` to override this default parameter. @@ -315,7 +321,9 @@ def cluster_name(self) -> pulumi.Output[Optional[str]]: @pulumi.getter(name="clusterSettings") def cluster_settings(self) -> pulumi.Output[Optional[Sequence['outputs.ClusterSettings']]]: """ - The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights for a cluster. + The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights with enhanced observability or CloudWatch Container Insights for a cluster. + Container Insights with enhanced observability provides all the Container Insights metrics, plus additional task and container metrics. This version supports enhanced observability for Amazon ECS clusters using the Amazon EC2 and Fargate launch types. After you configure Container Insights with enhanced observability on Amazon ECS, Container Insights auto-collects detailed infrastructure telemetry from the cluster level down to the container level in your environment and displays these critical performance data in curated dashboards removing the heavy lifting in observability set-up. + For more information, see [Monitor Amazon ECS containers using Container Insights with enhanced observability](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cloudwatch-container-insights.html) in the *Amazon Elastic Container Service Developer Guide*. """ return pulumi.get(self, "cluster_settings") diff --git a/sdk/python/pulumi_aws_native/ecs/get_cluster.py b/sdk/python/pulumi_aws_native/ecs/get_cluster.py index 62afb060fe..58ea1f4752 100644 --- a/sdk/python/pulumi_aws_native/ecs/get_cluster.py +++ b/sdk/python/pulumi_aws_native/ecs/get_cluster.py @@ -68,7 +68,9 @@ def capacity_providers(self) -> Optional[Sequence[str]]: @pulumi.getter(name="clusterSettings") def cluster_settings(self) -> Optional[Sequence['outputs.ClusterSettings']]: """ - The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights for a cluster. + The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights with enhanced observability or CloudWatch Container Insights for a cluster. + Container Insights with enhanced observability provides all the Container Insights metrics, plus additional task and container metrics. This version supports enhanced observability for Amazon ECS clusters using the Amazon EC2 and Fargate launch types. After you configure Container Insights with enhanced observability on Amazon ECS, Container Insights auto-collects detailed infrastructure telemetry from the cluster level down to the container level in your environment and displays these critical performance data in curated dashboards removing the heavy lifting in observability set-up. + For more information, see [Monitor Amazon ECS containers using Container Insights with enhanced observability](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cloudwatch-container-insights.html) in the *Amazon Elastic Container Service Developer Guide*. """ return pulumi.get(self, "cluster_settings") diff --git a/sdk/python/pulumi_aws_native/ecs/outputs.py b/sdk/python/pulumi_aws_native/ecs/outputs.py index e1a5bc3ca0..fa537bff6e 100644 --- a/sdk/python/pulumi_aws_native/ecs/outputs.py +++ b/sdk/python/pulumi_aws_native/ecs/outputs.py @@ -712,16 +712,22 @@ def namespace(self) -> Optional[str]: @pulumi.output_type class ClusterSettings(dict): """ - The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights for a cluster. + The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights with enhanced observability or CloudWatch Container Insights for a cluster. + Container Insights with enhanced observability provides all the Container Insights metrics, plus additional task and container metrics. This version supports enhanced observability for Amazon ECS clusters using the Amazon EC2 and Fargate launch types. After you configure Container Insights with enhanced observability on Amazon ECS, Container Insights auto-collects detailed infrastructure telemetry from the cluster level down to the container level in your environment and displays these critical performance data in curated dashboards removing the heavy lifting in observability set-up. + For more information, see [Monitor Amazon ECS containers using Container Insights with enhanced observability](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cloudwatch-container-insights.html) in the *Amazon Elastic Container Service Developer Guide*. """ def __init__(__self__, *, name: Optional[str] = None, value: Optional[str] = None): """ - The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights for a cluster. + The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights with enhanced observability or CloudWatch Container Insights for a cluster. + Container Insights with enhanced observability provides all the Container Insights metrics, plus additional task and container metrics. This version supports enhanced observability for Amazon ECS clusters using the Amazon EC2 and Fargate launch types. After you configure Container Insights with enhanced observability on Amazon ECS, Container Insights auto-collects detailed infrastructure telemetry from the cluster level down to the container level in your environment and displays these critical performance data in curated dashboards removing the heavy lifting in observability set-up. + For more information, see [Monitor Amazon ECS containers using Container Insights with enhanced observability](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cloudwatch-container-insights.html) in the *Amazon Elastic Container Service Developer Guide*. :param str name: The name of the cluster setting. The value is ``containerInsights`` . - :param str value: The value to set for the cluster setting. The supported values are ``enabled`` and ``disabled``. - If you set ``name`` to ``containerInsights`` and ``value`` to ``enabled``, CloudWatch Container Insights will be on for the cluster, otherwise it will be off unless the ``containerInsights`` account setting is turned on. If a cluster value is specified, it will override the ``containerInsights`` value set with [PutAccountSetting](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSetting.html) or [PutAccountSettingDefault](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSettingDefault.html). + :param str value: The value to set for the cluster setting. The supported values are ``enhanced``, ``enabled``, and ``disabled``. + To use Container Insights with enhanced observability, set the ``containerInsights`` account setting to ``enhanced``. + To use Container Insights, set the ``containerInsights`` account setting to ``enabled``. + If a cluster value is specified, it will override the ``containerInsights`` value set with [PutAccountSetting](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSetting.html) or [PutAccountSettingDefault](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSettingDefault.html). """ if name is not None: pulumi.set(__self__, "name", name) @@ -740,8 +746,10 @@ def name(self) -> Optional[str]: @pulumi.getter def value(self) -> Optional[str]: """ - The value to set for the cluster setting. The supported values are ``enabled`` and ``disabled``. - If you set ``name`` to ``containerInsights`` and ``value`` to ``enabled``, CloudWatch Container Insights will be on for the cluster, otherwise it will be off unless the ``containerInsights`` account setting is turned on. If a cluster value is specified, it will override the ``containerInsights`` value set with [PutAccountSetting](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSetting.html) or [PutAccountSettingDefault](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSettingDefault.html). + The value to set for the cluster setting. The supported values are ``enhanced``, ``enabled``, and ``disabled``. + To use Container Insights with enhanced observability, set the ``containerInsights`` account setting to ``enhanced``. + To use Container Insights, set the ``containerInsights`` account setting to ``enabled``. + If a cluster value is specified, it will override the ``containerInsights`` value set with [PutAccountSetting](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSetting.html) or [PutAccountSettingDefault](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSettingDefault.html). """ return pulumi.get(self, "value") diff --git a/sdk/python/pulumi_aws_native/efs/get_mount_target.py b/sdk/python/pulumi_aws_native/efs/get_mount_target.py index b32a354424..19a7e37b3f 100644 --- a/sdk/python/pulumi_aws_native/efs/get_mount_target.py +++ b/sdk/python/pulumi_aws_native/efs/get_mount_target.py @@ -45,7 +45,7 @@ def id(self) -> Optional[str]: @pulumi.getter(name="securityGroups") def security_groups(self) -> Optional[Sequence[str]]: """ - Up to five VPC security group IDs, of the form ``sg-xxxxxxxx``. These must be for the same VPC as subnet specified. + VPC security group IDs, of the form ``sg-xxxxxxxx``. These must be for the same VPC as the subnet specified. The maximum number of security groups depends on account quota. For more information, see [Amazon VPC Quotas](https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html) in the *Amazon VPC User Guide* (see the *Security Groups* table). """ return pulumi.get(self, "security_groups") diff --git a/sdk/python/pulumi_aws_native/efs/mount_target.py b/sdk/python/pulumi_aws_native/efs/mount_target.py index 81ecb29423..1a0dfd6fad 100644 --- a/sdk/python/pulumi_aws_native/efs/mount_target.py +++ b/sdk/python/pulumi_aws_native/efs/mount_target.py @@ -26,7 +26,7 @@ def __init__(__self__, *, """ The set of arguments for constructing a MountTarget resource. :param pulumi.Input[str] file_system_id: The ID of the file system for which to create the mount target. - :param pulumi.Input[Sequence[pulumi.Input[str]]] security_groups: Up to five VPC security group IDs, of the form ``sg-xxxxxxxx``. These must be for the same VPC as subnet specified. + :param pulumi.Input[Sequence[pulumi.Input[str]]] security_groups: VPC security group IDs, of the form ``sg-xxxxxxxx``. These must be for the same VPC as the subnet specified. The maximum number of security groups depends on account quota. For more information, see [Amazon VPC Quotas](https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html) in the *Amazon VPC User Guide* (see the *Security Groups* table). :param pulumi.Input[str] subnet_id: The ID of the subnet to add the mount target in. For One Zone file systems, use the subnet that is associated with the file system's Availability Zone. :param pulumi.Input[str] ip_address: Valid IPv4 address within the address range of the specified subnet. """ @@ -52,7 +52,7 @@ def file_system_id(self, value: pulumi.Input[str]): @pulumi.getter(name="securityGroups") def security_groups(self) -> pulumi.Input[Sequence[pulumi.Input[str]]]: """ - Up to five VPC security group IDs, of the form ``sg-xxxxxxxx``. These must be for the same VPC as subnet specified. + VPC security group IDs, of the form ``sg-xxxxxxxx``. These must be for the same VPC as the subnet specified. The maximum number of security groups depends on account quota. For more information, see [Amazon VPC Quotas](https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html) in the *Amazon VPC User Guide* (see the *Security Groups* table). """ return pulumi.get(self, "security_groups") @@ -102,7 +102,7 @@ def __init__(__self__, :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] file_system_id: The ID of the file system for which to create the mount target. :param pulumi.Input[str] ip_address: Valid IPv4 address within the address range of the specified subnet. - :param pulumi.Input[Sequence[pulumi.Input[str]]] security_groups: Up to five VPC security group IDs, of the form ``sg-xxxxxxxx``. These must be for the same VPC as subnet specified. + :param pulumi.Input[Sequence[pulumi.Input[str]]] security_groups: VPC security group IDs, of the form ``sg-xxxxxxxx``. These must be for the same VPC as the subnet specified. The maximum number of security groups depends on account quota. For more information, see [Amazon VPC Quotas](https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html) in the *Amazon VPC User Guide* (see the *Security Groups* table). :param pulumi.Input[str] subnet_id: The ID of the subnet to add the mount target in. For One Zone file systems, use the subnet that is associated with the file system's Availability Zone. """ ... @@ -214,7 +214,7 @@ def ip_address(self) -> pulumi.Output[Optional[str]]: @pulumi.getter(name="securityGroups") def security_groups(self) -> pulumi.Output[Sequence[str]]: """ - Up to five VPC security group IDs, of the form ``sg-xxxxxxxx``. These must be for the same VPC as subnet specified. + VPC security group IDs, of the form ``sg-xxxxxxxx``. These must be for the same VPC as the subnet specified. The maximum number of security groups depends on account quota. For more information, see [Amazon VPC Quotas](https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html) in the *Amazon VPC User Guide* (see the *Security Groups* table). """ return pulumi.get(self, "security_groups") diff --git a/sdk/python/pulumi_aws_native/emrcontainers/get_virtual_cluster.py b/sdk/python/pulumi_aws_native/emrcontainers/get_virtual_cluster.py index 0a35f76915..e826a6e33c 100644 --- a/sdk/python/pulumi_aws_native/emrcontainers/get_virtual_cluster.py +++ b/sdk/python/pulumi_aws_native/emrcontainers/get_virtual_cluster.py @@ -24,13 +24,16 @@ @pulumi.output_type class GetVirtualClusterResult: - def __init__(__self__, arn=None, id=None, tags=None): + def __init__(__self__, arn=None, id=None, security_configuration_id=None, tags=None): if arn and not isinstance(arn, str): raise TypeError("Expected argument 'arn' to be a str") pulumi.set(__self__, "arn", arn) if id and not isinstance(id, str): raise TypeError("Expected argument 'id' to be a str") pulumi.set(__self__, "id", id) + if security_configuration_id and not isinstance(security_configuration_id, str): + raise TypeError("Expected argument 'security_configuration_id' to be a str") + pulumi.set(__self__, "security_configuration_id", security_configuration_id) if tags and not isinstance(tags, list): raise TypeError("Expected argument 'tags' to be a list") pulumi.set(__self__, "tags", tags) @@ -51,6 +54,14 @@ def id(self) -> Optional[str]: """ return pulumi.get(self, "id") + @property + @pulumi.getter(name="securityConfigurationId") + def security_configuration_id(self) -> Optional[str]: + """ + The ID of the security configuration. + """ + return pulumi.get(self, "security_configuration_id") + @property @pulumi.getter def tags(self) -> Optional[Sequence['_root_outputs.Tag']]: @@ -68,6 +79,7 @@ def __await__(self): return GetVirtualClusterResult( arn=self.arn, id=self.id, + security_configuration_id=self.security_configuration_id, tags=self.tags) @@ -87,6 +99,7 @@ def get_virtual_cluster(id: Optional[str] = None, return AwaitableGetVirtualClusterResult( arn=pulumi.get(__ret__, 'arn'), id=pulumi.get(__ret__, 'id'), + security_configuration_id=pulumi.get(__ret__, 'security_configuration_id'), tags=pulumi.get(__ret__, 'tags')) def get_virtual_cluster_output(id: Optional[pulumi.Input[str]] = None, opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetVirtualClusterResult]: @@ -103,4 +116,5 @@ def get_virtual_cluster_output(id: Optional[pulumi.Input[str]] = None, return __ret__.apply(lambda __response__: GetVirtualClusterResult( arn=pulumi.get(__response__, 'arn'), id=pulumi.get(__response__, 'id'), + security_configuration_id=pulumi.get(__response__, 'security_configuration_id'), tags=pulumi.get(__response__, 'tags'))) diff --git a/sdk/python/pulumi_aws_native/emrcontainers/virtual_cluster.py b/sdk/python/pulumi_aws_native/emrcontainers/virtual_cluster.py index 531c04fbf4..3909df41fd 100644 --- a/sdk/python/pulumi_aws_native/emrcontainers/virtual_cluster.py +++ b/sdk/python/pulumi_aws_native/emrcontainers/virtual_cluster.py @@ -25,16 +25,20 @@ class VirtualClusterArgs: def __init__(__self__, *, container_provider: pulumi.Input['VirtualClusterContainerProviderArgs'], name: Optional[pulumi.Input[str]] = None, + security_configuration_id: Optional[pulumi.Input[str]] = None, tags: Optional[pulumi.Input[Sequence[pulumi.Input['_root_inputs.TagArgs']]]] = None): """ The set of arguments for constructing a VirtualCluster resource. :param pulumi.Input['VirtualClusterContainerProviderArgs'] container_provider: Container provider of the virtual cluster. :param pulumi.Input[str] name: Name of the virtual cluster. + :param pulumi.Input[str] security_configuration_id: The ID of the security configuration. :param pulumi.Input[Sequence[pulumi.Input['_root_inputs.TagArgs']]] tags: An array of key-value pairs to apply to this virtual cluster. """ pulumi.set(__self__, "container_provider", container_provider) if name is not None: pulumi.set(__self__, "name", name) + if security_configuration_id is not None: + pulumi.set(__self__, "security_configuration_id", security_configuration_id) if tags is not None: pulumi.set(__self__, "tags", tags) @@ -62,6 +66,18 @@ def name(self) -> Optional[pulumi.Input[str]]: def name(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "name", value) + @property + @pulumi.getter(name="securityConfigurationId") + def security_configuration_id(self) -> Optional[pulumi.Input[str]]: + """ + The ID of the security configuration. + """ + return pulumi.get(self, "security_configuration_id") + + @security_configuration_id.setter + def security_configuration_id(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "security_configuration_id", value) + @property @pulumi.getter def tags(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['_root_inputs.TagArgs']]]]: @@ -82,6 +98,7 @@ def __init__(__self__, opts: Optional[pulumi.ResourceOptions] = None, container_provider: Optional[pulumi.Input[Union['VirtualClusterContainerProviderArgs', 'VirtualClusterContainerProviderArgsDict']]] = None, name: Optional[pulumi.Input[str]] = None, + security_configuration_id: Optional[pulumi.Input[str]] = None, tags: Optional[pulumi.Input[Sequence[pulumi.Input[Union['_root_inputs.TagArgs', '_root_inputs.TagArgsDict']]]]] = None, __props__=None): """ @@ -141,6 +158,7 @@ def __init__(__self__, :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[Union['VirtualClusterContainerProviderArgs', 'VirtualClusterContainerProviderArgsDict']] container_provider: Container provider of the virtual cluster. :param pulumi.Input[str] name: Name of the virtual cluster. + :param pulumi.Input[str] security_configuration_id: The ID of the security configuration. :param pulumi.Input[Sequence[pulumi.Input[Union['_root_inputs.TagArgs', '_root_inputs.TagArgsDict']]]] tags: An array of key-value pairs to apply to this virtual cluster. """ ... @@ -219,6 +237,7 @@ def _internal_init(__self__, opts: Optional[pulumi.ResourceOptions] = None, container_provider: Optional[pulumi.Input[Union['VirtualClusterContainerProviderArgs', 'VirtualClusterContainerProviderArgsDict']]] = None, name: Optional[pulumi.Input[str]] = None, + security_configuration_id: Optional[pulumi.Input[str]] = None, tags: Optional[pulumi.Input[Sequence[pulumi.Input[Union['_root_inputs.TagArgs', '_root_inputs.TagArgsDict']]]]] = None, __props__=None): opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts) @@ -233,6 +252,7 @@ def _internal_init(__self__, raise TypeError("Missing required property 'container_provider'") __props__.__dict__["container_provider"] = container_provider __props__.__dict__["name"] = name + __props__.__dict__["security_configuration_id"] = security_configuration_id __props__.__dict__["tags"] = tags __props__.__dict__["arn"] = None __props__.__dict__["aws_id"] = None @@ -264,6 +284,7 @@ def get(resource_name: str, __props__.__dict__["aws_id"] = None __props__.__dict__["container_provider"] = None __props__.__dict__["name"] = None + __props__.__dict__["security_configuration_id"] = None __props__.__dict__["tags"] = None return VirtualCluster(resource_name, opts=opts, __props__=__props__) @@ -299,6 +320,14 @@ def name(self) -> pulumi.Output[str]: """ return pulumi.get(self, "name") + @property + @pulumi.getter(name="securityConfigurationId") + def security_configuration_id(self) -> pulumi.Output[Optional[str]]: + """ + The ID of the security configuration. + """ + return pulumi.get(self, "security_configuration_id") + @property @pulumi.getter def tags(self) -> pulumi.Output[Optional[Sequence['_root_outputs.Tag']]]: diff --git a/sdk/python/pulumi_aws_native/fms/_inputs.py b/sdk/python/pulumi_aws_native/fms/_inputs.py index 0104c2b6d2..92fe3aef9f 100644 --- a/sdk/python/pulumi_aws_native/fms/_inputs.py +++ b/sdk/python/pulumi_aws_native/fms/_inputs.py @@ -697,7 +697,7 @@ class PolicySecurityServicePolicyDataArgsDict(TypedDict): """ type: pulumi.Input['PolicyType'] """ - The service that the policy is using to protect the resources. This specifies the type of policy that is created, either an AWS WAF policy, a Shield Advanced policy, or a security group policy. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting AWS Support . + The service that the policy is using to protect the resources. This specifies the type of policy that is created, either an AWS WAF policy, a Shield Advanced policy, or a security group policy. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting SUPlong . """ managed_service_data: NotRequired[pulumi.Input[str]] """ @@ -797,7 +797,7 @@ def __init__(__self__, *, policy_option: Optional[pulumi.Input['PolicyOptionArgs']] = None): """ Firewall security service policy data. - :param pulumi.Input['PolicyType'] type: The service that the policy is using to protect the resources. This specifies the type of policy that is created, either an AWS WAF policy, a Shield Advanced policy, or a security group policy. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting AWS Support . + :param pulumi.Input['PolicyType'] type: The service that the policy is using to protect the resources. This specifies the type of policy that is created, either an AWS WAF policy, a Shield Advanced policy, or a security group policy. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting SUPlong . :param pulumi.Input[str] managed_service_data: Details about the service that are specific to the service type, in JSON format. - Example: `DNS_FIREWALL` @@ -890,7 +890,7 @@ def __init__(__self__, *, @pulumi.getter def type(self) -> pulumi.Input['PolicyType']: """ - The service that the policy is using to protect the resources. This specifies the type of policy that is created, either an AWS WAF policy, a Shield Advanced policy, or a security group policy. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting AWS Support . + The service that the policy is using to protect the resources. This specifies the type of policy that is created, either an AWS WAF policy, a Shield Advanced policy, or a security group policy. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting SUPlong . """ return pulumi.get(self, "type") diff --git a/sdk/python/pulumi_aws_native/fms/get_policy.py b/sdk/python/pulumi_aws_native/fms/get_policy.py index 62ca8309a4..12c29f2909 100644 --- a/sdk/python/pulumi_aws_native/fms/get_policy.py +++ b/sdk/python/pulumi_aws_native/fms/get_policy.py @@ -228,7 +228,7 @@ def security_service_policy_data(self) -> Optional['outputs.PolicySecurityServic This contains the following settings: - - Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting AWS Support . + - Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting . Valid values: `DNS_FIREWALL` | `NETWORK_FIREWALL` | `SECURITY_GROUPS_COMMON` | `SECURITY_GROUPS_CONTENT_AUDIT` | `SECURITY_GROUPS_USAGE_AUDIT` | `SHIELD_ADVANCED` | `THIRD_PARTY_FIREWALL` | `WAFV2` | `WAF` - ManagedServiceData - Details about the service that are specific to the service type, in JSON format. diff --git a/sdk/python/pulumi_aws_native/fms/outputs.py b/sdk/python/pulumi_aws_native/fms/outputs.py index 902881ca5a..bb35b945c8 100644 --- a/sdk/python/pulumi_aws_native/fms/outputs.py +++ b/sdk/python/pulumi_aws_native/fms/outputs.py @@ -579,7 +579,7 @@ def __init__(__self__, *, policy_option: Optional['outputs.PolicyOption'] = None): """ Firewall security service policy data. - :param 'PolicyType' type: The service that the policy is using to protect the resources. This specifies the type of policy that is created, either an AWS WAF policy, a Shield Advanced policy, or a security group policy. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting AWS Support . + :param 'PolicyType' type: The service that the policy is using to protect the resources. This specifies the type of policy that is created, either an AWS WAF policy, a Shield Advanced policy, or a security group policy. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting SUPlong . :param str managed_service_data: Details about the service that are specific to the service type, in JSON format. - Example: `DNS_FIREWALL` @@ -672,7 +672,7 @@ def __init__(__self__, *, @pulumi.getter def type(self) -> 'PolicyType': """ - The service that the policy is using to protect the resources. This specifies the type of policy that is created, either an AWS WAF policy, a Shield Advanced policy, or a security group policy. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting AWS Support . + The service that the policy is using to protect the resources. This specifies the type of policy that is created, either an AWS WAF policy, a Shield Advanced policy, or a security group policy. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting SUPlong . """ return pulumi.get(self, "type") diff --git a/sdk/python/pulumi_aws_native/fms/policy.py b/sdk/python/pulumi_aws_native/fms/policy.py index d9baeb8a76..c77b72bacc 100644 --- a/sdk/python/pulumi_aws_native/fms/policy.py +++ b/sdk/python/pulumi_aws_native/fms/policy.py @@ -47,7 +47,7 @@ def __init__(__self__, *, This contains the following settings: - - Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting AWS Support . + - Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting . Valid values: `DNS_FIREWALL` | `NETWORK_FIREWALL` | `SECURITY_GROUPS_COMMON` | `SECURITY_GROUPS_CONTENT_AUDIT` | `SECURITY_GROUPS_USAGE_AUDIT` | `SHIELD_ADVANCED` | `THIRD_PARTY_FIREWALL` | `WAFV2` | `WAF` - ManagedServiceData - Details about the service that are specific to the service type, in JSON format. @@ -248,7 +248,7 @@ def security_service_policy_data(self) -> pulumi.Input['PolicySecurityServicePol This contains the following settings: - - Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting AWS Support . + - Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting . Valid values: `DNS_FIREWALL` | `NETWORK_FIREWALL` | `SECURITY_GROUPS_COMMON` | `SECURITY_GROUPS_CONTENT_AUDIT` | `SECURITY_GROUPS_USAGE_AUDIT` | `SHIELD_ADVANCED` | `THIRD_PARTY_FIREWALL` | `WAFV2` | `WAF` - ManagedServiceData - Details about the service that are specific to the service type, in JSON format. @@ -616,7 +616,7 @@ def __init__(__self__, This contains the following settings: - - Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting AWS Support . + - Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting . Valid values: `DNS_FIREWALL` | `NETWORK_FIREWALL` | `SECURITY_GROUPS_COMMON` | `SECURITY_GROUPS_CONTENT_AUDIT` | `SECURITY_GROUPS_USAGE_AUDIT` | `SHIELD_ADVANCED` | `THIRD_PARTY_FIREWALL` | `WAFV2` | `WAF` - ManagedServiceData - Details about the service that are specific to the service type, in JSON format. @@ -986,7 +986,7 @@ def security_service_policy_data(self) -> pulumi.Output['outputs.PolicySecurityS This contains the following settings: - - Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting AWS Support . + - Type - Indicates the service type that the policy uses to protect the resource. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting . Valid values: `DNS_FIREWALL` | `NETWORK_FIREWALL` | `SECURITY_GROUPS_COMMON` | `SECURITY_GROUPS_CONTENT_AUDIT` | `SECURITY_GROUPS_USAGE_AUDIT` | `SHIELD_ADVANCED` | `THIRD_PARTY_FIREWALL` | `WAFV2` | `WAF` - ManagedServiceData - Details about the service that are specific to the service type, in JSON format. diff --git a/sdk/python/pulumi_aws_native/glue/_inputs.py b/sdk/python/pulumi_aws_native/glue/_inputs.py index 38b47264a3..666dcf7eea 100644 --- a/sdk/python/pulumi_aws_native/glue/_inputs.py +++ b/sdk/python/pulumi_aws_native/glue/_inputs.py @@ -22,6 +22,8 @@ 'CrawlerDeltaTargetArgsDict', 'CrawlerDynamoDbTargetArgs', 'CrawlerDynamoDbTargetArgsDict', + 'CrawlerHudiTargetArgs', + 'CrawlerHudiTargetArgsDict', 'CrawlerIcebergTargetArgs', 'CrawlerIcebergTargetArgsDict', 'CrawlerJdbcTargetArgs', @@ -330,6 +332,102 @@ def path(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "path", value) +if not MYPY: + class CrawlerHudiTargetArgsDict(TypedDict): + """ + Specifies Apache Hudi data store targets. + """ + connection_name: NotRequired[pulumi.Input[str]] + """ + The name of the connection to use to connect to the Hudi target. + """ + exclusions: NotRequired[pulumi.Input[Sequence[pulumi.Input[str]]]] + """ + A list of global patterns used to exclude from the crawl. + """ + maximum_traversal_depth: NotRequired[pulumi.Input[int]] + """ + The maximum depth of Amazon S3 paths that the crawler can traverse to discover the Hudi metadata folder in your Amazon S3 path. Used to limit the crawler run time. + """ + paths: NotRequired[pulumi.Input[Sequence[pulumi.Input[str]]]] + """ + One or more Amazon S3 paths that contains Hudi metadata folders as s3://bucket/prefix . + """ +elif False: + CrawlerHudiTargetArgsDict: TypeAlias = Mapping[str, Any] + +@pulumi.input_type +class CrawlerHudiTargetArgs: + def __init__(__self__, *, + connection_name: Optional[pulumi.Input[str]] = None, + exclusions: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None, + maximum_traversal_depth: Optional[pulumi.Input[int]] = None, + paths: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None): + """ + Specifies Apache Hudi data store targets. + :param pulumi.Input[str] connection_name: The name of the connection to use to connect to the Hudi target. + :param pulumi.Input[Sequence[pulumi.Input[str]]] exclusions: A list of global patterns used to exclude from the crawl. + :param pulumi.Input[int] maximum_traversal_depth: The maximum depth of Amazon S3 paths that the crawler can traverse to discover the Hudi metadata folder in your Amazon S3 path. Used to limit the crawler run time. + :param pulumi.Input[Sequence[pulumi.Input[str]]] paths: One or more Amazon S3 paths that contains Hudi metadata folders as s3://bucket/prefix . + """ + if connection_name is not None: + pulumi.set(__self__, "connection_name", connection_name) + if exclusions is not None: + pulumi.set(__self__, "exclusions", exclusions) + if maximum_traversal_depth is not None: + pulumi.set(__self__, "maximum_traversal_depth", maximum_traversal_depth) + if paths is not None: + pulumi.set(__self__, "paths", paths) + + @property + @pulumi.getter(name="connectionName") + def connection_name(self) -> Optional[pulumi.Input[str]]: + """ + The name of the connection to use to connect to the Hudi target. + """ + return pulumi.get(self, "connection_name") + + @connection_name.setter + def connection_name(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "connection_name", value) + + @property + @pulumi.getter + def exclusions(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + A list of global patterns used to exclude from the crawl. + """ + return pulumi.get(self, "exclusions") + + @exclusions.setter + def exclusions(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): + pulumi.set(self, "exclusions", value) + + @property + @pulumi.getter(name="maximumTraversalDepth") + def maximum_traversal_depth(self) -> Optional[pulumi.Input[int]]: + """ + The maximum depth of Amazon S3 paths that the crawler can traverse to discover the Hudi metadata folder in your Amazon S3 path. Used to limit the crawler run time. + """ + return pulumi.get(self, "maximum_traversal_depth") + + @maximum_traversal_depth.setter + def maximum_traversal_depth(self, value: Optional[pulumi.Input[int]]): + pulumi.set(self, "maximum_traversal_depth", value) + + @property + @pulumi.getter + def paths(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]: + """ + One or more Amazon S3 paths that contains Hudi metadata folders as s3://bucket/prefix . + """ + return pulumi.get(self, "paths") + + @paths.setter + def paths(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]): + pulumi.set(self, "paths", value) + + if not MYPY: class CrawlerIcebergTargetArgsDict(TypedDict): """ @@ -921,6 +1019,10 @@ class CrawlerTargetsArgsDict(TypedDict): """ Specifies Amazon DynamoDB targets. """ + hudi_targets: NotRequired[pulumi.Input[Sequence[pulumi.Input['CrawlerHudiTargetArgsDict']]]] + """ + Specifies Apache Hudi data store targets. + """ iceberg_targets: NotRequired[pulumi.Input[Sequence[pulumi.Input['CrawlerIcebergTargetArgsDict']]]] """ Specifies Apache Iceberg data store targets. @@ -946,6 +1048,7 @@ def __init__(__self__, *, catalog_targets: Optional[pulumi.Input[Sequence[pulumi.Input['CrawlerCatalogTargetArgs']]]] = None, delta_targets: Optional[pulumi.Input[Sequence[pulumi.Input['CrawlerDeltaTargetArgs']]]] = None, dynamo_db_targets: Optional[pulumi.Input[Sequence[pulumi.Input['CrawlerDynamoDbTargetArgs']]]] = None, + hudi_targets: Optional[pulumi.Input[Sequence[pulumi.Input['CrawlerHudiTargetArgs']]]] = None, iceberg_targets: Optional[pulumi.Input[Sequence[pulumi.Input['CrawlerIcebergTargetArgs']]]] = None, jdbc_targets: Optional[pulumi.Input[Sequence[pulumi.Input['CrawlerJdbcTargetArgs']]]] = None, mongo_db_targets: Optional[pulumi.Input[Sequence[pulumi.Input['CrawlerMongoDbTargetArgs']]]] = None, @@ -955,6 +1058,7 @@ def __init__(__self__, *, :param pulumi.Input[Sequence[pulumi.Input['CrawlerCatalogTargetArgs']]] catalog_targets: Specifies AWS Glue Data Catalog targets. :param pulumi.Input[Sequence[pulumi.Input['CrawlerDeltaTargetArgs']]] delta_targets: Specifies an array of Delta data store targets. :param pulumi.Input[Sequence[pulumi.Input['CrawlerDynamoDbTargetArgs']]] dynamo_db_targets: Specifies Amazon DynamoDB targets. + :param pulumi.Input[Sequence[pulumi.Input['CrawlerHudiTargetArgs']]] hudi_targets: Specifies Apache Hudi data store targets. :param pulumi.Input[Sequence[pulumi.Input['CrawlerIcebergTargetArgs']]] iceberg_targets: Specifies Apache Iceberg data store targets. :param pulumi.Input[Sequence[pulumi.Input['CrawlerJdbcTargetArgs']]] jdbc_targets: Specifies JDBC targets. :param pulumi.Input[Sequence[pulumi.Input['CrawlerMongoDbTargetArgs']]] mongo_db_targets: A list of Mongo DB targets. @@ -966,6 +1070,8 @@ def __init__(__self__, *, pulumi.set(__self__, "delta_targets", delta_targets) if dynamo_db_targets is not None: pulumi.set(__self__, "dynamo_db_targets", dynamo_db_targets) + if hudi_targets is not None: + pulumi.set(__self__, "hudi_targets", hudi_targets) if iceberg_targets is not None: pulumi.set(__self__, "iceberg_targets", iceberg_targets) if jdbc_targets is not None: @@ -1011,6 +1117,18 @@ def dynamo_db_targets(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['Craw def dynamo_db_targets(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['CrawlerDynamoDbTargetArgs']]]]): pulumi.set(self, "dynamo_db_targets", value) + @property + @pulumi.getter(name="hudiTargets") + def hudi_targets(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['CrawlerHudiTargetArgs']]]]: + """ + Specifies Apache Hudi data store targets. + """ + return pulumi.get(self, "hudi_targets") + + @hudi_targets.setter + def hudi_targets(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['CrawlerHudiTargetArgs']]]]): + pulumi.set(self, "hudi_targets", value) + @property @pulumi.getter(name="icebergTargets") def iceberg_targets(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['CrawlerIcebergTargetArgs']]]]: diff --git a/sdk/python/pulumi_aws_native/glue/outputs.py b/sdk/python/pulumi_aws_native/glue/outputs.py index 35d2ed5b16..c410a52fba 100644 --- a/sdk/python/pulumi_aws_native/glue/outputs.py +++ b/sdk/python/pulumi_aws_native/glue/outputs.py @@ -20,6 +20,7 @@ 'CrawlerCatalogTarget', 'CrawlerDeltaTarget', 'CrawlerDynamoDbTarget', + 'CrawlerHudiTarget', 'CrawlerIcebergTarget', 'CrawlerJdbcTarget', 'CrawlerLakeFormationConfiguration', @@ -249,6 +250,84 @@ def path(self) -> Optional[str]: return pulumi.get(self, "path") +@pulumi.output_type +class CrawlerHudiTarget(dict): + """ + Specifies Apache Hudi data store targets. + """ + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "connectionName": + suggest = "connection_name" + elif key == "maximumTraversalDepth": + suggest = "maximum_traversal_depth" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in CrawlerHudiTarget. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + CrawlerHudiTarget.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + CrawlerHudiTarget.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + connection_name: Optional[str] = None, + exclusions: Optional[Sequence[str]] = None, + maximum_traversal_depth: Optional[int] = None, + paths: Optional[Sequence[str]] = None): + """ + Specifies Apache Hudi data store targets. + :param str connection_name: The name of the connection to use to connect to the Hudi target. + :param Sequence[str] exclusions: A list of global patterns used to exclude from the crawl. + :param int maximum_traversal_depth: The maximum depth of Amazon S3 paths that the crawler can traverse to discover the Hudi metadata folder in your Amazon S3 path. Used to limit the crawler run time. + :param Sequence[str] paths: One or more Amazon S3 paths that contains Hudi metadata folders as s3://bucket/prefix . + """ + if connection_name is not None: + pulumi.set(__self__, "connection_name", connection_name) + if exclusions is not None: + pulumi.set(__self__, "exclusions", exclusions) + if maximum_traversal_depth is not None: + pulumi.set(__self__, "maximum_traversal_depth", maximum_traversal_depth) + if paths is not None: + pulumi.set(__self__, "paths", paths) + + @property + @pulumi.getter(name="connectionName") + def connection_name(self) -> Optional[str]: + """ + The name of the connection to use to connect to the Hudi target. + """ + return pulumi.get(self, "connection_name") + + @property + @pulumi.getter + def exclusions(self) -> Optional[Sequence[str]]: + """ + A list of global patterns used to exclude from the crawl. + """ + return pulumi.get(self, "exclusions") + + @property + @pulumi.getter(name="maximumTraversalDepth") + def maximum_traversal_depth(self) -> Optional[int]: + """ + The maximum depth of Amazon S3 paths that the crawler can traverse to discover the Hudi metadata folder in your Amazon S3 path. Used to limit the crawler run time. + """ + return pulumi.get(self, "maximum_traversal_depth") + + @property + @pulumi.getter + def paths(self) -> Optional[Sequence[str]]: + """ + One or more Amazon S3 paths that contains Hudi metadata folders as s3://bucket/prefix . + """ + return pulumi.get(self, "paths") + + @pulumi.output_type class CrawlerIcebergTarget(dict): """ @@ -769,6 +848,8 @@ def __key_warning(key: str): suggest = "delta_targets" elif key == "dynamoDbTargets": suggest = "dynamo_db_targets" + elif key == "hudiTargets": + suggest = "hudi_targets" elif key == "icebergTargets": suggest = "iceberg_targets" elif key == "jdbcTargets": @@ -793,6 +874,7 @@ def __init__(__self__, *, catalog_targets: Optional[Sequence['outputs.CrawlerCatalogTarget']] = None, delta_targets: Optional[Sequence['outputs.CrawlerDeltaTarget']] = None, dynamo_db_targets: Optional[Sequence['outputs.CrawlerDynamoDbTarget']] = None, + hudi_targets: Optional[Sequence['outputs.CrawlerHudiTarget']] = None, iceberg_targets: Optional[Sequence['outputs.CrawlerIcebergTarget']] = None, jdbc_targets: Optional[Sequence['outputs.CrawlerJdbcTarget']] = None, mongo_db_targets: Optional[Sequence['outputs.CrawlerMongoDbTarget']] = None, @@ -802,6 +884,7 @@ def __init__(__self__, *, :param Sequence['CrawlerCatalogTarget'] catalog_targets: Specifies AWS Glue Data Catalog targets. :param Sequence['CrawlerDeltaTarget'] delta_targets: Specifies an array of Delta data store targets. :param Sequence['CrawlerDynamoDbTarget'] dynamo_db_targets: Specifies Amazon DynamoDB targets. + :param Sequence['CrawlerHudiTarget'] hudi_targets: Specifies Apache Hudi data store targets. :param Sequence['CrawlerIcebergTarget'] iceberg_targets: Specifies Apache Iceberg data store targets. :param Sequence['CrawlerJdbcTarget'] jdbc_targets: Specifies JDBC targets. :param Sequence['CrawlerMongoDbTarget'] mongo_db_targets: A list of Mongo DB targets. @@ -813,6 +896,8 @@ def __init__(__self__, *, pulumi.set(__self__, "delta_targets", delta_targets) if dynamo_db_targets is not None: pulumi.set(__self__, "dynamo_db_targets", dynamo_db_targets) + if hudi_targets is not None: + pulumi.set(__self__, "hudi_targets", hudi_targets) if iceberg_targets is not None: pulumi.set(__self__, "iceberg_targets", iceberg_targets) if jdbc_targets is not None: @@ -846,6 +931,14 @@ def dynamo_db_targets(self) -> Optional[Sequence['outputs.CrawlerDynamoDbTarget' """ return pulumi.get(self, "dynamo_db_targets") + @property + @pulumi.getter(name="hudiTargets") + def hudi_targets(self) -> Optional[Sequence['outputs.CrawlerHudiTarget']]: + """ + Specifies Apache Hudi data store targets. + """ + return pulumi.get(self, "hudi_targets") + @property @pulumi.getter(name="icebergTargets") def iceberg_targets(self) -> Optional[Sequence['outputs.CrawlerIcebergTarget']]: diff --git a/sdk/python/pulumi_aws_native/groundstation/_inputs.py b/sdk/python/pulumi_aws_native/groundstation/_inputs.py index 4afb202dd3..fc200276b8 100644 --- a/sdk/python/pulumi_aws_native/groundstation/_inputs.py +++ b/sdk/python/pulumi_aws_native/groundstation/_inputs.py @@ -1660,6 +1660,7 @@ class MissionProfileStreamsKmsKeyArgsDict(TypedDict): """ KMS Alias Arn. """ + kms_alias_name: NotRequired[pulumi.Input[str]] kms_key_arn: NotRequired[pulumi.Input[str]] """ KMS Key Arn. @@ -1671,6 +1672,7 @@ class MissionProfileStreamsKmsKeyArgsDict(TypedDict): class MissionProfileStreamsKmsKeyArgs: def __init__(__self__, *, kms_alias_arn: Optional[pulumi.Input[str]] = None, + kms_alias_name: Optional[pulumi.Input[str]] = None, kms_key_arn: Optional[pulumi.Input[str]] = None): """ :param pulumi.Input[str] kms_alias_arn: KMS Alias Arn. @@ -1678,6 +1680,8 @@ def __init__(__self__, *, """ if kms_alias_arn is not None: pulumi.set(__self__, "kms_alias_arn", kms_alias_arn) + if kms_alias_name is not None: + pulumi.set(__self__, "kms_alias_name", kms_alias_name) if kms_key_arn is not None: pulumi.set(__self__, "kms_key_arn", kms_key_arn) @@ -1693,6 +1697,15 @@ def kms_alias_arn(self) -> Optional[pulumi.Input[str]]: def kms_alias_arn(self, value: Optional[pulumi.Input[str]]): pulumi.set(self, "kms_alias_arn", value) + @property + @pulumi.getter(name="kmsAliasName") + def kms_alias_name(self) -> Optional[pulumi.Input[str]]: + return pulumi.get(self, "kms_alias_name") + + @kms_alias_name.setter + def kms_alias_name(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "kms_alias_name", value) + @property @pulumi.getter(name="kmsKeyArn") def kms_key_arn(self) -> Optional[pulumi.Input[str]]: diff --git a/sdk/python/pulumi_aws_native/groundstation/dataflow_endpoint_group.py b/sdk/python/pulumi_aws_native/groundstation/dataflow_endpoint_group.py index 78d6c0c269..3e752998eb 100644 --- a/sdk/python/pulumi_aws_native/groundstation/dataflow_endpoint_group.py +++ b/sdk/python/pulumi_aws_native/groundstation/dataflow_endpoint_group.py @@ -207,6 +207,8 @@ def _internal_init(__self__, __props__.__dict__["tags"] = tags __props__.__dict__["arn"] = None __props__.__dict__["aws_id"] = None + replace_on_changes = pulumi.ResourceOptions(replace_on_changes=["contactPostPassDurationSeconds", "contactPrePassDurationSeconds", "endpointDetails[*]"]) + opts = pulumi.ResourceOptions.merge(opts, replace_on_changes) super(DataflowEndpointGroup, __self__).__init__( 'aws-native:groundstation:DataflowEndpointGroup', resource_name, diff --git a/sdk/python/pulumi_aws_native/groundstation/get_dataflow_endpoint_group.py b/sdk/python/pulumi_aws_native/groundstation/get_dataflow_endpoint_group.py index 840a397a5f..97b6dcf6be 100644 --- a/sdk/python/pulumi_aws_native/groundstation/get_dataflow_endpoint_group.py +++ b/sdk/python/pulumi_aws_native/groundstation/get_dataflow_endpoint_group.py @@ -13,9 +13,7 @@ else: from typing_extensions import NotRequired, TypedDict, TypeAlias from .. import _utilities -from . import outputs from .. import outputs as _root_outputs -from ._enums import * __all__ = [ 'GetDataflowEndpointGroupResult', @@ -26,19 +24,10 @@ @pulumi.output_type class GetDataflowEndpointGroupResult: - def __init__(__self__, arn=None, contact_post_pass_duration_seconds=None, contact_pre_pass_duration_seconds=None, endpoint_details=None, id=None, tags=None): + def __init__(__self__, arn=None, id=None, tags=None): if arn and not isinstance(arn, str): raise TypeError("Expected argument 'arn' to be a str") pulumi.set(__self__, "arn", arn) - if contact_post_pass_duration_seconds and not isinstance(contact_post_pass_duration_seconds, int): - raise TypeError("Expected argument 'contact_post_pass_duration_seconds' to be a int") - pulumi.set(__self__, "contact_post_pass_duration_seconds", contact_post_pass_duration_seconds) - if contact_pre_pass_duration_seconds and not isinstance(contact_pre_pass_duration_seconds, int): - raise TypeError("Expected argument 'contact_pre_pass_duration_seconds' to be a int") - pulumi.set(__self__, "contact_pre_pass_duration_seconds", contact_pre_pass_duration_seconds) - if endpoint_details and not isinstance(endpoint_details, list): - raise TypeError("Expected argument 'endpoint_details' to be a list") - pulumi.set(__self__, "endpoint_details", endpoint_details) if id and not isinstance(id, str): raise TypeError("Expected argument 'id' to be a str") pulumi.set(__self__, "id", id) @@ -54,30 +43,6 @@ def arn(self) -> Optional[str]: """ return pulumi.get(self, "arn") - @property - @pulumi.getter(name="contactPostPassDurationSeconds") - def contact_post_pass_duration_seconds(self) -> Optional[int]: - """ - Amount of time, in seconds, after a contact ends that the Ground Station Dataflow Endpoint Group will be in a POSTPASS state. A Ground Station Dataflow Endpoint Group State Change event will be emitted when the Dataflow Endpoint Group enters and exits the POSTPASS state. - """ - return pulumi.get(self, "contact_post_pass_duration_seconds") - - @property - @pulumi.getter(name="contactPrePassDurationSeconds") - def contact_pre_pass_duration_seconds(self) -> Optional[int]: - """ - Amount of time, in seconds, before a contact starts that the Ground Station Dataflow Endpoint Group will be in a PREPASS state. A Ground Station Dataflow Endpoint Group State Change event will be emitted when the Dataflow Endpoint Group enters and exits the PREPASS state. - """ - return pulumi.get(self, "contact_pre_pass_duration_seconds") - - @property - @pulumi.getter(name="endpointDetails") - def endpoint_details(self) -> Optional[Sequence['outputs.DataflowEndpointGroupEndpointDetails']]: - """ - List of Endpoint Details, containing address and port for each endpoint. - """ - return pulumi.get(self, "endpoint_details") - @property @pulumi.getter def id(self) -> Optional[str]: @@ -102,9 +67,6 @@ def __await__(self): yield self return GetDataflowEndpointGroupResult( arn=self.arn, - contact_post_pass_duration_seconds=self.contact_post_pass_duration_seconds, - contact_pre_pass_duration_seconds=self.contact_pre_pass_duration_seconds, - endpoint_details=self.endpoint_details, id=self.id, tags=self.tags) @@ -124,9 +86,6 @@ def get_dataflow_endpoint_group(id: Optional[str] = None, return AwaitableGetDataflowEndpointGroupResult( arn=pulumi.get(__ret__, 'arn'), - contact_post_pass_duration_seconds=pulumi.get(__ret__, 'contact_post_pass_duration_seconds'), - contact_pre_pass_duration_seconds=pulumi.get(__ret__, 'contact_pre_pass_duration_seconds'), - endpoint_details=pulumi.get(__ret__, 'endpoint_details'), id=pulumi.get(__ret__, 'id'), tags=pulumi.get(__ret__, 'tags')) def get_dataflow_endpoint_group_output(id: Optional[pulumi.Input[str]] = None, @@ -143,8 +102,5 @@ def get_dataflow_endpoint_group_output(id: Optional[pulumi.Input[str]] = None, __ret__ = pulumi.runtime.invoke_output('aws-native:groundstation:getDataflowEndpointGroup', __args__, opts=opts, typ=GetDataflowEndpointGroupResult) return __ret__.apply(lambda __response__: GetDataflowEndpointGroupResult( arn=pulumi.get(__response__, 'arn'), - contact_post_pass_duration_seconds=pulumi.get(__response__, 'contact_post_pass_duration_seconds'), - contact_pre_pass_duration_seconds=pulumi.get(__response__, 'contact_pre_pass_duration_seconds'), - endpoint_details=pulumi.get(__response__, 'endpoint_details'), id=pulumi.get(__response__, 'id'), tags=pulumi.get(__response__, 'tags'))) diff --git a/sdk/python/pulumi_aws_native/groundstation/outputs.py b/sdk/python/pulumi_aws_native/groundstation/outputs.py index 615b5a8bc9..7c97e6cdbf 100644 --- a/sdk/python/pulumi_aws_native/groundstation/outputs.py +++ b/sdk/python/pulumi_aws_native/groundstation/outputs.py @@ -1332,6 +1332,8 @@ def __key_warning(key: str): suggest = None if key == "kmsAliasArn": suggest = "kms_alias_arn" + elif key == "kmsAliasName": + suggest = "kms_alias_name" elif key == "kmsKeyArn": suggest = "kms_key_arn" @@ -1348,6 +1350,7 @@ def get(self, key: str, default = None) -> Any: def __init__(__self__, *, kms_alias_arn: Optional[str] = None, + kms_alias_name: Optional[str] = None, kms_key_arn: Optional[str] = None): """ :param str kms_alias_arn: KMS Alias Arn. @@ -1355,6 +1358,8 @@ def __init__(__self__, *, """ if kms_alias_arn is not None: pulumi.set(__self__, "kms_alias_arn", kms_alias_arn) + if kms_alias_name is not None: + pulumi.set(__self__, "kms_alias_name", kms_alias_name) if kms_key_arn is not None: pulumi.set(__self__, "kms_key_arn", kms_key_arn) @@ -1366,6 +1371,11 @@ def kms_alias_arn(self) -> Optional[str]: """ return pulumi.get(self, "kms_alias_arn") + @property + @pulumi.getter(name="kmsAliasName") + def kms_alias_name(self) -> Optional[str]: + return pulumi.get(self, "kms_alias_name") + @property @pulumi.getter(name="kmsKeyArn") def kms_key_arn(self) -> Optional[str]: diff --git a/sdk/python/pulumi_aws_native/s3objectlambda/_inputs.py b/sdk/python/pulumi_aws_native/s3objectlambda/_inputs.py index 924c665af7..34722addb5 100644 --- a/sdk/python/pulumi_aws_native/s3objectlambda/_inputs.py +++ b/sdk/python/pulumi_aws_native/s3objectlambda/_inputs.py @@ -191,7 +191,7 @@ class AccessPointTransformationConfigurationArgsDict(TypedDict): """ actions: pulumi.Input[Sequence[pulumi.Input[str]]] """ - A container for the action of an Object Lambda Access Point configuration. Valid inputs are `GetObject` , `HeadObject` , `ListObjects` , and `ListObjectsV2` . + A container for the action of an Object Lambda Access Point configuration. Valid inputs are `GetObject` , `HeadObject` , `ListObject` , and `ListObjectV2` . """ content_transformation: pulumi.Input['AccessPointTransformationConfigurationContentTransformationPropertiesArgsDict'] """ @@ -207,7 +207,7 @@ def __init__(__self__, *, content_transformation: pulumi.Input['AccessPointTransformationConfigurationContentTransformationPropertiesArgs']): """ Configuration to define what content transformation will be applied on which S3 Action. - :param pulumi.Input[Sequence[pulumi.Input[str]]] actions: A container for the action of an Object Lambda Access Point configuration. Valid inputs are `GetObject` , `HeadObject` , `ListObjects` , and `ListObjectsV2` . + :param pulumi.Input[Sequence[pulumi.Input[str]]] actions: A container for the action of an Object Lambda Access Point configuration. Valid inputs are `GetObject` , `HeadObject` , `ListObject` , and `ListObjectV2` . :param pulumi.Input['AccessPointTransformationConfigurationContentTransformationPropertiesArgs'] content_transformation: A container for the content transformation of an Object Lambda Access Point configuration. Can include the FunctionArn and FunctionPayload. For more information, see [AwsLambdaTransformation](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_AwsLambdaTransformation.html) in the *Amazon S3 API Reference* . """ pulumi.set(__self__, "actions", actions) @@ -217,7 +217,7 @@ def __init__(__self__, *, @pulumi.getter def actions(self) -> pulumi.Input[Sequence[pulumi.Input[str]]]: """ - A container for the action of an Object Lambda Access Point configuration. Valid inputs are `GetObject` , `HeadObject` , `ListObjects` , and `ListObjectsV2` . + A container for the action of an Object Lambda Access Point configuration. Valid inputs are `GetObject` , `HeadObject` , `ListObject` , and `ListObjectV2` . """ return pulumi.get(self, "actions") diff --git a/sdk/python/pulumi_aws_native/s3objectlambda/outputs.py b/sdk/python/pulumi_aws_native/s3objectlambda/outputs.py index 46cfbf8aaa..d311916d1b 100644 --- a/sdk/python/pulumi_aws_native/s3objectlambda/outputs.py +++ b/sdk/python/pulumi_aws_native/s3objectlambda/outputs.py @@ -329,7 +329,7 @@ def __init__(__self__, *, content_transformation: 'outputs.AccessPointTransformationConfigurationContentTransformationProperties'): """ Configuration to define what content transformation will be applied on which S3 Action. - :param Sequence[str] actions: A container for the action of an Object Lambda Access Point configuration. Valid inputs are `GetObject` , `HeadObject` , `ListObjects` , and `ListObjectsV2` . + :param Sequence[str] actions: A container for the action of an Object Lambda Access Point configuration. Valid inputs are `GetObject` , `HeadObject` , `ListObject` , and `ListObjectV2` . :param 'AccessPointTransformationConfigurationContentTransformationProperties' content_transformation: A container for the content transformation of an Object Lambda Access Point configuration. Can include the FunctionArn and FunctionPayload. For more information, see [AwsLambdaTransformation](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_AwsLambdaTransformation.html) in the *Amazon S3 API Reference* . """ pulumi.set(__self__, "actions", actions) @@ -339,7 +339,7 @@ def __init__(__self__, *, @pulumi.getter def actions(self) -> Sequence[str]: """ - A container for the action of an Object Lambda Access Point configuration. Valid inputs are `GetObject` , `HeadObject` , `ListObjects` , and `ListObjectsV2` . + A container for the action of an Object Lambda Access Point configuration. Valid inputs are `GetObject` , `HeadObject` , `ListObject` , and `ListObjectV2` . """ return pulumi.get(self, "actions") diff --git a/sdk/python/pulumi_aws_native/transfer/__init__.py b/sdk/python/pulumi_aws_native/transfer/__init__.py index 061610920d..db6945571b 100644 --- a/sdk/python/pulumi_aws_native/transfer/__init__.py +++ b/sdk/python/pulumi_aws_native/transfer/__init__.py @@ -15,10 +15,12 @@ from .get_profile import * from .get_server import * from .get_user import * +from .get_web_app import * from .get_workflow import * from .profile import * from .server import * from .user import * +from .web_app import * from .workflow import * from ._inputs import * from . import outputs diff --git a/sdk/python/pulumi_aws_native/transfer/_inputs.py b/sdk/python/pulumi_aws_native/transfer/_inputs.py index a10a11673f..d8add65a14 100644 --- a/sdk/python/pulumi_aws_native/transfer/_inputs.py +++ b/sdk/python/pulumi_aws_native/transfer/_inputs.py @@ -36,6 +36,12 @@ 'UserHomeDirectoryMapEntryArgsDict', 'UserPosixProfileArgs', 'UserPosixProfileArgsDict', + 'WebAppCustomizationArgs', + 'WebAppCustomizationArgsDict', + 'WebAppIdentityProviderDetailsArgs', + 'WebAppIdentityProviderDetailsArgsDict', + 'WebAppUnitsPropertiesArgs', + 'WebAppUnitsPropertiesArgsDict', 'WorkflowEfsInputFileLocationArgs', 'WorkflowEfsInputFileLocationArgsDict', 'WorkflowInputFileLocationArgs', @@ -1116,6 +1122,182 @@ def secondary_gids(self, value: Optional[pulumi.Input[Sequence[pulumi.Input[floa pulumi.set(self, "secondary_gids", value) +if not MYPY: + class WebAppCustomizationArgsDict(TypedDict): + favicon_file: NotRequired[pulumi.Input[str]] + """ + Specifies a favicon to display in the browser tab. + """ + logo_file: NotRequired[pulumi.Input[str]] + """ + Specifies a logo to display on the web app. + """ + title: NotRequired[pulumi.Input[str]] + """ + Specifies a title to display on the web app. + """ +elif False: + WebAppCustomizationArgsDict: TypeAlias = Mapping[str, Any] + +@pulumi.input_type +class WebAppCustomizationArgs: + def __init__(__self__, *, + favicon_file: Optional[pulumi.Input[str]] = None, + logo_file: Optional[pulumi.Input[str]] = None, + title: Optional[pulumi.Input[str]] = None): + """ + :param pulumi.Input[str] favicon_file: Specifies a favicon to display in the browser tab. + :param pulumi.Input[str] logo_file: Specifies a logo to display on the web app. + :param pulumi.Input[str] title: Specifies a title to display on the web app. + """ + if favicon_file is not None: + pulumi.set(__self__, "favicon_file", favicon_file) + if logo_file is not None: + pulumi.set(__self__, "logo_file", logo_file) + if title is not None: + pulumi.set(__self__, "title", title) + + @property + @pulumi.getter(name="faviconFile") + def favicon_file(self) -> Optional[pulumi.Input[str]]: + """ + Specifies a favicon to display in the browser tab. + """ + return pulumi.get(self, "favicon_file") + + @favicon_file.setter + def favicon_file(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "favicon_file", value) + + @property + @pulumi.getter(name="logoFile") + def logo_file(self) -> Optional[pulumi.Input[str]]: + """ + Specifies a logo to display on the web app. + """ + return pulumi.get(self, "logo_file") + + @logo_file.setter + def logo_file(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "logo_file", value) + + @property + @pulumi.getter + def title(self) -> Optional[pulumi.Input[str]]: + """ + Specifies a title to display on the web app. + """ + return pulumi.get(self, "title") + + @title.setter + def title(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "title", value) + + +if not MYPY: + class WebAppIdentityProviderDetailsArgsDict(TypedDict): + """ + You can provide a structure that contains the details for the identity provider to use with your web app. + """ + application_arn: NotRequired[pulumi.Input[str]] + """ + The Amazon Resource Name (ARN) for the IAM Identity Center application: this value is set automatically when you create your web app. + """ + instance_arn: NotRequired[pulumi.Input[str]] + """ + The Amazon Resource Name (ARN) for the IAM Identity Center used for the web app. + """ + role: NotRequired[pulumi.Input[str]] + """ + The IAM role in IAM Identity Center used for the web app. + """ +elif False: + WebAppIdentityProviderDetailsArgsDict: TypeAlias = Mapping[str, Any] + +@pulumi.input_type +class WebAppIdentityProviderDetailsArgs: + def __init__(__self__, *, + application_arn: Optional[pulumi.Input[str]] = None, + instance_arn: Optional[pulumi.Input[str]] = None, + role: Optional[pulumi.Input[str]] = None): + """ + You can provide a structure that contains the details for the identity provider to use with your web app. + :param pulumi.Input[str] application_arn: The Amazon Resource Name (ARN) for the IAM Identity Center application: this value is set automatically when you create your web app. + :param pulumi.Input[str] instance_arn: The Amazon Resource Name (ARN) for the IAM Identity Center used for the web app. + :param pulumi.Input[str] role: The IAM role in IAM Identity Center used for the web app. + """ + if application_arn is not None: + pulumi.set(__self__, "application_arn", application_arn) + if instance_arn is not None: + pulumi.set(__self__, "instance_arn", instance_arn) + if role is not None: + pulumi.set(__self__, "role", role) + + @property + @pulumi.getter(name="applicationArn") + def application_arn(self) -> Optional[pulumi.Input[str]]: + """ + The Amazon Resource Name (ARN) for the IAM Identity Center application: this value is set automatically when you create your web app. + """ + return pulumi.get(self, "application_arn") + + @application_arn.setter + def application_arn(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "application_arn", value) + + @property + @pulumi.getter(name="instanceArn") + def instance_arn(self) -> Optional[pulumi.Input[str]]: + """ + The Amazon Resource Name (ARN) for the IAM Identity Center used for the web app. + """ + return pulumi.get(self, "instance_arn") + + @instance_arn.setter + def instance_arn(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "instance_arn", value) + + @property + @pulumi.getter + def role(self) -> Optional[pulumi.Input[str]]: + """ + The IAM role in IAM Identity Center used for the web app. + """ + return pulumi.get(self, "role") + + @role.setter + def role(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "role", value) + + +if not MYPY: + class WebAppUnitsPropertiesArgsDict(TypedDict): + """ + A union that contains the value for number of concurrent connections or the user sessions on your web app. + """ + provisioned: pulumi.Input[int] +elif False: + WebAppUnitsPropertiesArgsDict: TypeAlias = Mapping[str, Any] + +@pulumi.input_type +class WebAppUnitsPropertiesArgs: + def __init__(__self__, *, + provisioned: pulumi.Input[int]): + """ + A union that contains the value for number of concurrent connections or the user sessions on your web app. + """ + pulumi.set(__self__, "provisioned", provisioned) + + @property + @pulumi.getter + def provisioned(self) -> pulumi.Input[int]: + return pulumi.get(self, "provisioned") + + @provisioned.setter + def provisioned(self, value: pulumi.Input[int]): + pulumi.set(self, "provisioned", value) + + if not MYPY: class WorkflowEfsInputFileLocationArgsDict(TypedDict): """ diff --git a/sdk/python/pulumi_aws_native/transfer/get_web_app.py b/sdk/python/pulumi_aws_native/transfer/get_web_app.py new file mode 100644 index 0000000000..ef5e132d0f --- /dev/null +++ b/sdk/python/pulumi_aws_native/transfer/get_web_app.py @@ -0,0 +1,165 @@ +# coding=utf-8 +# *** WARNING: this file was generated by pulumi-language-python. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import sys +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +if sys.version_info >= (3, 11): + from typing import NotRequired, TypedDict, TypeAlias +else: + from typing_extensions import NotRequired, TypedDict, TypeAlias +from .. import _utilities +from . import outputs +from .. import outputs as _root_outputs + +__all__ = [ + 'GetWebAppResult', + 'AwaitableGetWebAppResult', + 'get_web_app', + 'get_web_app_output', +] + +@pulumi.output_type +class GetWebAppResult: + def __init__(__self__, access_endpoint=None, arn=None, identity_provider_details=None, tags=None, web_app_customization=None, web_app_id=None, web_app_units=None): + if access_endpoint and not isinstance(access_endpoint, str): + raise TypeError("Expected argument 'access_endpoint' to be a str") + pulumi.set(__self__, "access_endpoint", access_endpoint) + if arn and not isinstance(arn, str): + raise TypeError("Expected argument 'arn' to be a str") + pulumi.set(__self__, "arn", arn) + if identity_provider_details and not isinstance(identity_provider_details, dict): + raise TypeError("Expected argument 'identity_provider_details' to be a dict") + pulumi.set(__self__, "identity_provider_details", identity_provider_details) + if tags and not isinstance(tags, list): + raise TypeError("Expected argument 'tags' to be a list") + pulumi.set(__self__, "tags", tags) + if web_app_customization and not isinstance(web_app_customization, dict): + raise TypeError("Expected argument 'web_app_customization' to be a dict") + pulumi.set(__self__, "web_app_customization", web_app_customization) + if web_app_id and not isinstance(web_app_id, str): + raise TypeError("Expected argument 'web_app_id' to be a str") + pulumi.set(__self__, "web_app_id", web_app_id) + if web_app_units and not isinstance(web_app_units, dict): + raise TypeError("Expected argument 'web_app_units' to be a dict") + pulumi.set(__self__, "web_app_units", web_app_units) + + @property + @pulumi.getter(name="accessEndpoint") + def access_endpoint(self) -> Optional[str]: + """ + The AccessEndpoint is the URL that you provide to your users for them to interact with the Transfer Family web app. You can specify a custom URL or use the default value. + """ + return pulumi.get(self, "access_endpoint") + + @property + @pulumi.getter + def arn(self) -> Optional[str]: + """ + Specifies the unique Amazon Resource Name (ARN) for the web app. + """ + return pulumi.get(self, "arn") + + @property + @pulumi.getter(name="identityProviderDetails") + def identity_provider_details(self) -> Optional['outputs.WebAppIdentityProviderDetails']: + """ + You can provide a structure that contains the details for the identity provider to use with your web app. + + For more details about this parameter, see [Configure your identity provider for Transfer Family web apps](https://docs.aws.amazon.com//transfer/latest/userguide/webapp-identity-center.html) . + """ + return pulumi.get(self, "identity_provider_details") + + @property + @pulumi.getter + def tags(self) -> Optional[Sequence['_root_outputs.Tag']]: + """ + Key-value pairs that can be used to group and search for web apps. + """ + return pulumi.get(self, "tags") + + @property + @pulumi.getter(name="webAppCustomization") + def web_app_customization(self) -> Optional['outputs.WebAppCustomization']: + """ + A structure that contains the customization fields for the web app. You can provide a title, logo, and icon to customize the appearance of your web app. + """ + return pulumi.get(self, "web_app_customization") + + @property + @pulumi.getter(name="webAppId") + def web_app_id(self) -> Optional[str]: + """ + A unique identifier for the web app. + """ + return pulumi.get(self, "web_app_id") + + @property + @pulumi.getter(name="webAppUnits") + def web_app_units(self) -> Optional['outputs.WebAppUnitsProperties']: + """ + A union that contains the value for number of concurrent connections or the user sessions on your web app. + """ + return pulumi.get(self, "web_app_units") + + +class AwaitableGetWebAppResult(GetWebAppResult): + # pylint: disable=using-constant-test + def __await__(self): + if False: + yield self + return GetWebAppResult( + access_endpoint=self.access_endpoint, + arn=self.arn, + identity_provider_details=self.identity_provider_details, + tags=self.tags, + web_app_customization=self.web_app_customization, + web_app_id=self.web_app_id, + web_app_units=self.web_app_units) + + +def get_web_app(arn: Optional[str] = None, + opts: Optional[pulumi.InvokeOptions] = None) -> AwaitableGetWebAppResult: + """ + Resource Type definition for AWS::Transfer::WebApp + + + :param str arn: Specifies the unique Amazon Resource Name (ARN) for the web app. + """ + __args__ = dict() + __args__['arn'] = arn + opts = pulumi.InvokeOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + __ret__ = pulumi.runtime.invoke('aws-native:transfer:getWebApp', __args__, opts=opts, typ=GetWebAppResult).value + + return AwaitableGetWebAppResult( + access_endpoint=pulumi.get(__ret__, 'access_endpoint'), + arn=pulumi.get(__ret__, 'arn'), + identity_provider_details=pulumi.get(__ret__, 'identity_provider_details'), + tags=pulumi.get(__ret__, 'tags'), + web_app_customization=pulumi.get(__ret__, 'web_app_customization'), + web_app_id=pulumi.get(__ret__, 'web_app_id'), + web_app_units=pulumi.get(__ret__, 'web_app_units')) +def get_web_app_output(arn: Optional[pulumi.Input[str]] = None, + opts: Optional[Union[pulumi.InvokeOptions, pulumi.InvokeOutputOptions]] = None) -> pulumi.Output[GetWebAppResult]: + """ + Resource Type definition for AWS::Transfer::WebApp + + + :param str arn: Specifies the unique Amazon Resource Name (ARN) for the web app. + """ + __args__ = dict() + __args__['arn'] = arn + opts = pulumi.InvokeOutputOptions.merge(_utilities.get_invoke_opts_defaults(), opts) + __ret__ = pulumi.runtime.invoke_output('aws-native:transfer:getWebApp', __args__, opts=opts, typ=GetWebAppResult) + return __ret__.apply(lambda __response__: GetWebAppResult( + access_endpoint=pulumi.get(__response__, 'access_endpoint'), + arn=pulumi.get(__response__, 'arn'), + identity_provider_details=pulumi.get(__response__, 'identity_provider_details'), + tags=pulumi.get(__response__, 'tags'), + web_app_customization=pulumi.get(__response__, 'web_app_customization'), + web_app_id=pulumi.get(__response__, 'web_app_id'), + web_app_units=pulumi.get(__response__, 'web_app_units'))) diff --git a/sdk/python/pulumi_aws_native/transfer/outputs.py b/sdk/python/pulumi_aws_native/transfer/outputs.py index d90b18e30e..74c2a91716 100644 --- a/sdk/python/pulumi_aws_native/transfer/outputs.py +++ b/sdk/python/pulumi_aws_native/transfer/outputs.py @@ -27,6 +27,9 @@ 'SftpConfigProperties', 'UserHomeDirectoryMapEntry', 'UserPosixProfile', + 'WebAppCustomization', + 'WebAppIdentityProviderDetails', + 'WebAppUnitsProperties', 'WorkflowEfsInputFileLocation', 'WorkflowInputFileLocation', 'WorkflowS3FileLocation', @@ -877,6 +880,152 @@ def secondary_gids(self) -> Optional[Sequence[float]]: return pulumi.get(self, "secondary_gids") +@pulumi.output_type +class WebAppCustomization(dict): + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "faviconFile": + suggest = "favicon_file" + elif key == "logoFile": + suggest = "logo_file" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in WebAppCustomization. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + WebAppCustomization.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + WebAppCustomization.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + favicon_file: Optional[str] = None, + logo_file: Optional[str] = None, + title: Optional[str] = None): + """ + :param str favicon_file: Specifies a favicon to display in the browser tab. + :param str logo_file: Specifies a logo to display on the web app. + :param str title: Specifies a title to display on the web app. + """ + if favicon_file is not None: + pulumi.set(__self__, "favicon_file", favicon_file) + if logo_file is not None: + pulumi.set(__self__, "logo_file", logo_file) + if title is not None: + pulumi.set(__self__, "title", title) + + @property + @pulumi.getter(name="faviconFile") + def favicon_file(self) -> Optional[str]: + """ + Specifies a favicon to display in the browser tab. + """ + return pulumi.get(self, "favicon_file") + + @property + @pulumi.getter(name="logoFile") + def logo_file(self) -> Optional[str]: + """ + Specifies a logo to display on the web app. + """ + return pulumi.get(self, "logo_file") + + @property + @pulumi.getter + def title(self) -> Optional[str]: + """ + Specifies a title to display on the web app. + """ + return pulumi.get(self, "title") + + +@pulumi.output_type +class WebAppIdentityProviderDetails(dict): + """ + You can provide a structure that contains the details for the identity provider to use with your web app. + """ + @staticmethod + def __key_warning(key: str): + suggest = None + if key == "applicationArn": + suggest = "application_arn" + elif key == "instanceArn": + suggest = "instance_arn" + + if suggest: + pulumi.log.warn(f"Key '{key}' not found in WebAppIdentityProviderDetails. Access the value via the '{suggest}' property getter instead.") + + def __getitem__(self, key: str) -> Any: + WebAppIdentityProviderDetails.__key_warning(key) + return super().__getitem__(key) + + def get(self, key: str, default = None) -> Any: + WebAppIdentityProviderDetails.__key_warning(key) + return super().get(key, default) + + def __init__(__self__, *, + application_arn: Optional[str] = None, + instance_arn: Optional[str] = None, + role: Optional[str] = None): + """ + You can provide a structure that contains the details for the identity provider to use with your web app. + :param str application_arn: The Amazon Resource Name (ARN) for the IAM Identity Center application: this value is set automatically when you create your web app. + :param str instance_arn: The Amazon Resource Name (ARN) for the IAM Identity Center used for the web app. + :param str role: The IAM role in IAM Identity Center used for the web app. + """ + if application_arn is not None: + pulumi.set(__self__, "application_arn", application_arn) + if instance_arn is not None: + pulumi.set(__self__, "instance_arn", instance_arn) + if role is not None: + pulumi.set(__self__, "role", role) + + @property + @pulumi.getter(name="applicationArn") + def application_arn(self) -> Optional[str]: + """ + The Amazon Resource Name (ARN) for the IAM Identity Center application: this value is set automatically when you create your web app. + """ + return pulumi.get(self, "application_arn") + + @property + @pulumi.getter(name="instanceArn") + def instance_arn(self) -> Optional[str]: + """ + The Amazon Resource Name (ARN) for the IAM Identity Center used for the web app. + """ + return pulumi.get(self, "instance_arn") + + @property + @pulumi.getter + def role(self) -> Optional[str]: + """ + The IAM role in IAM Identity Center used for the web app. + """ + return pulumi.get(self, "role") + + +@pulumi.output_type +class WebAppUnitsProperties(dict): + """ + A union that contains the value for number of concurrent connections or the user sessions on your web app. + """ + def __init__(__self__, *, + provisioned: int): + """ + A union that contains the value for number of concurrent connections or the user sessions on your web app. + """ + pulumi.set(__self__, "provisioned", provisioned) + + @property + @pulumi.getter + def provisioned(self) -> int: + return pulumi.get(self, "provisioned") + + @pulumi.output_type class WorkflowEfsInputFileLocation(dict): """ diff --git a/sdk/python/pulumi_aws_native/transfer/web_app.py b/sdk/python/pulumi_aws_native/transfer/web_app.py new file mode 100644 index 0000000000..8952348aff --- /dev/null +++ b/sdk/python/pulumi_aws_native/transfer/web_app.py @@ -0,0 +1,275 @@ +# coding=utf-8 +# *** WARNING: this file was generated by pulumi-language-python. *** +# *** Do not edit by hand unless you're certain you know what you are doing! *** + +import copy +import warnings +import sys +import pulumi +import pulumi.runtime +from typing import Any, Mapping, Optional, Sequence, Union, overload +if sys.version_info >= (3, 11): + from typing import NotRequired, TypedDict, TypeAlias +else: + from typing_extensions import NotRequired, TypedDict, TypeAlias +from .. import _utilities +from . import outputs +from .. import _inputs as _root_inputs +from .. import outputs as _root_outputs +from ._inputs import * + +__all__ = ['WebAppArgs', 'WebApp'] + +@pulumi.input_type +class WebAppArgs: + def __init__(__self__, *, + identity_provider_details: pulumi.Input['WebAppIdentityProviderDetailsArgs'], + access_endpoint: Optional[pulumi.Input[str]] = None, + tags: Optional[pulumi.Input[Sequence[pulumi.Input['_root_inputs.TagArgs']]]] = None, + web_app_customization: Optional[pulumi.Input['WebAppCustomizationArgs']] = None, + web_app_units: Optional[pulumi.Input['WebAppUnitsPropertiesArgs']] = None): + """ + The set of arguments for constructing a WebApp resource. + :param pulumi.Input['WebAppIdentityProviderDetailsArgs'] identity_provider_details: You can provide a structure that contains the details for the identity provider to use with your web app. + + For more details about this parameter, see [Configure your identity provider for Transfer Family web apps](https://docs.aws.amazon.com//transfer/latest/userguide/webapp-identity-center.html) . + :param pulumi.Input[str] access_endpoint: The AccessEndpoint is the URL that you provide to your users for them to interact with the Transfer Family web app. You can specify a custom URL or use the default value. + :param pulumi.Input[Sequence[pulumi.Input['_root_inputs.TagArgs']]] tags: Key-value pairs that can be used to group and search for web apps. + :param pulumi.Input['WebAppCustomizationArgs'] web_app_customization: A structure that contains the customization fields for the web app. You can provide a title, logo, and icon to customize the appearance of your web app. + :param pulumi.Input['WebAppUnitsPropertiesArgs'] web_app_units: A union that contains the value for number of concurrent connections or the user sessions on your web app. + """ + pulumi.set(__self__, "identity_provider_details", identity_provider_details) + if access_endpoint is not None: + pulumi.set(__self__, "access_endpoint", access_endpoint) + if tags is not None: + pulumi.set(__self__, "tags", tags) + if web_app_customization is not None: + pulumi.set(__self__, "web_app_customization", web_app_customization) + if web_app_units is not None: + pulumi.set(__self__, "web_app_units", web_app_units) + + @property + @pulumi.getter(name="identityProviderDetails") + def identity_provider_details(self) -> pulumi.Input['WebAppIdentityProviderDetailsArgs']: + """ + You can provide a structure that contains the details for the identity provider to use with your web app. + + For more details about this parameter, see [Configure your identity provider for Transfer Family web apps](https://docs.aws.amazon.com//transfer/latest/userguide/webapp-identity-center.html) . + """ + return pulumi.get(self, "identity_provider_details") + + @identity_provider_details.setter + def identity_provider_details(self, value: pulumi.Input['WebAppIdentityProviderDetailsArgs']): + pulumi.set(self, "identity_provider_details", value) + + @property + @pulumi.getter(name="accessEndpoint") + def access_endpoint(self) -> Optional[pulumi.Input[str]]: + """ + The AccessEndpoint is the URL that you provide to your users for them to interact with the Transfer Family web app. You can specify a custom URL or use the default value. + """ + return pulumi.get(self, "access_endpoint") + + @access_endpoint.setter + def access_endpoint(self, value: Optional[pulumi.Input[str]]): + pulumi.set(self, "access_endpoint", value) + + @property + @pulumi.getter + def tags(self) -> Optional[pulumi.Input[Sequence[pulumi.Input['_root_inputs.TagArgs']]]]: + """ + Key-value pairs that can be used to group and search for web apps. + """ + return pulumi.get(self, "tags") + + @tags.setter + def tags(self, value: Optional[pulumi.Input[Sequence[pulumi.Input['_root_inputs.TagArgs']]]]): + pulumi.set(self, "tags", value) + + @property + @pulumi.getter(name="webAppCustomization") + def web_app_customization(self) -> Optional[pulumi.Input['WebAppCustomizationArgs']]: + """ + A structure that contains the customization fields for the web app. You can provide a title, logo, and icon to customize the appearance of your web app. + """ + return pulumi.get(self, "web_app_customization") + + @web_app_customization.setter + def web_app_customization(self, value: Optional[pulumi.Input['WebAppCustomizationArgs']]): + pulumi.set(self, "web_app_customization", value) + + @property + @pulumi.getter(name="webAppUnits") + def web_app_units(self) -> Optional[pulumi.Input['WebAppUnitsPropertiesArgs']]: + """ + A union that contains the value for number of concurrent connections or the user sessions on your web app. + """ + return pulumi.get(self, "web_app_units") + + @web_app_units.setter + def web_app_units(self, value: Optional[pulumi.Input['WebAppUnitsPropertiesArgs']]): + pulumi.set(self, "web_app_units", value) + + +class WebApp(pulumi.CustomResource): + @overload + def __init__(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + access_endpoint: Optional[pulumi.Input[str]] = None, + identity_provider_details: Optional[pulumi.Input[Union['WebAppIdentityProviderDetailsArgs', 'WebAppIdentityProviderDetailsArgsDict']]] = None, + tags: Optional[pulumi.Input[Sequence[pulumi.Input[Union['_root_inputs.TagArgs', '_root_inputs.TagArgsDict']]]]] = None, + web_app_customization: Optional[pulumi.Input[Union['WebAppCustomizationArgs', 'WebAppCustomizationArgsDict']]] = None, + web_app_units: Optional[pulumi.Input[Union['WebAppUnitsPropertiesArgs', 'WebAppUnitsPropertiesArgsDict']]] = None, + __props__=None): + """ + Resource Type definition for AWS::Transfer::WebApp + + :param str resource_name: The name of the resource. + :param pulumi.ResourceOptions opts: Options for the resource. + :param pulumi.Input[str] access_endpoint: The AccessEndpoint is the URL that you provide to your users for them to interact with the Transfer Family web app. You can specify a custom URL or use the default value. + :param pulumi.Input[Union['WebAppIdentityProviderDetailsArgs', 'WebAppIdentityProviderDetailsArgsDict']] identity_provider_details: You can provide a structure that contains the details for the identity provider to use with your web app. + + For more details about this parameter, see [Configure your identity provider for Transfer Family web apps](https://docs.aws.amazon.com//transfer/latest/userguide/webapp-identity-center.html) . + :param pulumi.Input[Sequence[pulumi.Input[Union['_root_inputs.TagArgs', '_root_inputs.TagArgsDict']]]] tags: Key-value pairs that can be used to group and search for web apps. + :param pulumi.Input[Union['WebAppCustomizationArgs', 'WebAppCustomizationArgsDict']] web_app_customization: A structure that contains the customization fields for the web app. You can provide a title, logo, and icon to customize the appearance of your web app. + :param pulumi.Input[Union['WebAppUnitsPropertiesArgs', 'WebAppUnitsPropertiesArgsDict']] web_app_units: A union that contains the value for number of concurrent connections or the user sessions on your web app. + """ + ... + @overload + def __init__(__self__, + resource_name: str, + args: WebAppArgs, + opts: Optional[pulumi.ResourceOptions] = None): + """ + Resource Type definition for AWS::Transfer::WebApp + + :param str resource_name: The name of the resource. + :param WebAppArgs args: The arguments to use to populate this resource's properties. + :param pulumi.ResourceOptions opts: Options for the resource. + """ + ... + def __init__(__self__, resource_name: str, *args, **kwargs): + resource_args, opts = _utilities.get_resource_args_opts(WebAppArgs, pulumi.ResourceOptions, *args, **kwargs) + if resource_args is not None: + __self__._internal_init(resource_name, opts, **resource_args.__dict__) + else: + __self__._internal_init(resource_name, *args, **kwargs) + + def _internal_init(__self__, + resource_name: str, + opts: Optional[pulumi.ResourceOptions] = None, + access_endpoint: Optional[pulumi.Input[str]] = None, + identity_provider_details: Optional[pulumi.Input[Union['WebAppIdentityProviderDetailsArgs', 'WebAppIdentityProviderDetailsArgsDict']]] = None, + tags: Optional[pulumi.Input[Sequence[pulumi.Input[Union['_root_inputs.TagArgs', '_root_inputs.TagArgsDict']]]]] = None, + web_app_customization: Optional[pulumi.Input[Union['WebAppCustomizationArgs', 'WebAppCustomizationArgsDict']]] = None, + web_app_units: Optional[pulumi.Input[Union['WebAppUnitsPropertiesArgs', 'WebAppUnitsPropertiesArgsDict']]] = None, + __props__=None): + opts = pulumi.ResourceOptions.merge(_utilities.get_resource_opts_defaults(), opts) + if not isinstance(opts, pulumi.ResourceOptions): + raise TypeError('Expected resource options to be a ResourceOptions instance') + if opts.id is None: + if __props__ is not None: + raise TypeError('__props__ is only valid when passed in combination with a valid opts.id to get an existing resource') + __props__ = WebAppArgs.__new__(WebAppArgs) + + __props__.__dict__["access_endpoint"] = access_endpoint + if identity_provider_details is None and not opts.urn: + raise TypeError("Missing required property 'identity_provider_details'") + __props__.__dict__["identity_provider_details"] = identity_provider_details + __props__.__dict__["tags"] = tags + __props__.__dict__["web_app_customization"] = web_app_customization + __props__.__dict__["web_app_units"] = web_app_units + __props__.__dict__["arn"] = None + __props__.__dict__["web_app_id"] = None + replace_on_changes = pulumi.ResourceOptions(replace_on_changes=["identityProviderDetails.instanceArn"]) + opts = pulumi.ResourceOptions.merge(opts, replace_on_changes) + super(WebApp, __self__).__init__( + 'aws-native:transfer:WebApp', + resource_name, + __props__, + opts) + + @staticmethod + def get(resource_name: str, + id: pulumi.Input[str], + opts: Optional[pulumi.ResourceOptions] = None) -> 'WebApp': + """ + Get an existing WebApp resource's state with the given name, id, and optional extra + properties used to qualify the lookup. + + :param str resource_name: The unique name of the resulting resource. + :param pulumi.Input[str] id: The unique provider ID of the resource to lookup. + :param pulumi.ResourceOptions opts: Options for the resource. + """ + opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id)) + + __props__ = WebAppArgs.__new__(WebAppArgs) + + __props__.__dict__["access_endpoint"] = None + __props__.__dict__["arn"] = None + __props__.__dict__["identity_provider_details"] = None + __props__.__dict__["tags"] = None + __props__.__dict__["web_app_customization"] = None + __props__.__dict__["web_app_id"] = None + __props__.__dict__["web_app_units"] = None + return WebApp(resource_name, opts=opts, __props__=__props__) + + @property + @pulumi.getter(name="accessEndpoint") + def access_endpoint(self) -> pulumi.Output[Optional[str]]: + """ + The AccessEndpoint is the URL that you provide to your users for them to interact with the Transfer Family web app. You can specify a custom URL or use the default value. + """ + return pulumi.get(self, "access_endpoint") + + @property + @pulumi.getter + def arn(self) -> pulumi.Output[str]: + """ + Specifies the unique Amazon Resource Name (ARN) for the web app. + """ + return pulumi.get(self, "arn") + + @property + @pulumi.getter(name="identityProviderDetails") + def identity_provider_details(self) -> pulumi.Output['outputs.WebAppIdentityProviderDetails']: + """ + You can provide a structure that contains the details for the identity provider to use with your web app. + + For more details about this parameter, see [Configure your identity provider for Transfer Family web apps](https://docs.aws.amazon.com//transfer/latest/userguide/webapp-identity-center.html) . + """ + return pulumi.get(self, "identity_provider_details") + + @property + @pulumi.getter + def tags(self) -> pulumi.Output[Optional[Sequence['_root_outputs.Tag']]]: + """ + Key-value pairs that can be used to group and search for web apps. + """ + return pulumi.get(self, "tags") + + @property + @pulumi.getter(name="webAppCustomization") + def web_app_customization(self) -> pulumi.Output[Optional['outputs.WebAppCustomization']]: + """ + A structure that contains the customization fields for the web app. You can provide a title, logo, and icon to customize the appearance of your web app. + """ + return pulumi.get(self, "web_app_customization") + + @property + @pulumi.getter(name="webAppId") + def web_app_id(self) -> pulumi.Output[str]: + """ + A unique identifier for the web app. + """ + return pulumi.get(self, "web_app_id") + + @property + @pulumi.getter(name="webAppUnits") + def web_app_units(self) -> pulumi.Output[Optional['outputs.WebAppUnitsProperties']]: + """ + A union that contains the value for number of concurrent connections or the user sessions on your web app. + """ + return pulumi.get(self, "web_app_units") +